CVE-2025-61557
Directory Traversal in nixseparatedebuginfod Before v
Publication date: 2025-12-30
Last updated on: 2025-12-30
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nixseparatedebuginfod | nixseparatedebuginfod | * |
| symphorien | nixseparatedebuginfod | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Directory Traversal issue in nixseparatedebuginfod versions before v0.4.1. Directory Traversal vulnerabilities allow an attacker to access files and directories that are stored outside the intended directory, potentially exposing sensitive information or system files.
How can this vulnerability impact me? :
The vulnerability can allow an attacker to access unauthorized files on the system by exploiting the Directory Traversal flaw. This could lead to exposure of sensitive data, system information, or configuration files, potentially compromising system security.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves directory traversal allowing files outside the /nix/store directory to be served by nixseparatedebuginfod. Detection can involve monitoring requests to the nixseparatedebuginfod server for attempts to access paths outside /nix/store. Since nixseparatedebuginfod runs a server, you can check logs for suspicious file path requests containing traversal patterns (e.g., ../). Additionally, verifying the server's behavior by attempting to request files outside /nix/store can help detect the vulnerability. Specific commands are not provided in the resources, but general approaches include inspecting server logs and using curl or wget to request suspicious paths from the nixseparatedebuginfod service endpoint (default http://127.0.0.1:1949). [1, 3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation involves updating nixseparatedebuginfod to version 0.4.1 or later, which includes the fix that restricts file serving to only files within the /nix/store directory, preventing directory traversal attacks. If updating is not immediately possible, restrict access to the nixseparatedebuginfod service to trusted users only and monitor for suspicious access attempts. Also, ensure that the nix daemon access control includes the nixseparatedebuginfod user if access is restricted, to avoid unintended privilege escalations. Deleting or restricting the cache (~/.cache/nixseparatedebuginfod) may also help reduce risk. Finally, enable debug logging (e.g., via RUST_LOG=debug) to monitor and audit the service. [1, 3]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided resources do not contain information regarding the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.