Symlink-following bug in Nix enables root file overwrite
TL;DR — A regression in Nix’s fixed-output derivation handling can let untrusted local builds overwrite files writable by the Nix daemon (often root), turning shared builders into a privilege-escalation risk.
What happened
Nix is a package manager and build system for Linux and other Unix systems, commonly used to run reproducible builds via the nix-daemon in multi-user setups. CVE-2026-39860 describes a sandbox escape / arbitrary file overwrite condition caused by symlink following during fixed-output derivation output registration.
Per the CVE record, the issue is a bug in the fix for CVE-2024-27297: a temporary output copy path was placed inside the build chroot, enabling a derivation builder to create a symlink that points outside the intended boundary. During output registration, the Nix process orchestrating builds (typically the daemon) follows the symlink and overwrites the destination with derivation output contents.
| Item | Source value |
|---|---|
| Affected software | nix (NixOS) |
| Impact (per source) | Arbitrary overwrite of files writable by the Nix build orchestrator; local root privilege escalation in multi-user installs |
| Severity | CVSS v3.1 9.0 (Critical) |
| Platform scope | “sandboxed Linux builds” affected; “sandboxed macOS builds” unaffected |
This matters because Nix is frequently deployed as shared build infrastructure (developer workstations, CI builders, and multi-tenant build hosts). A local privilege escalation in the build orchestrator is a direct compromise path from “can run builds” to “can modify root-owned state.”
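To make the bug class concrete from the defender's side, here is a constructed Python illustration (added here; it is not Nix's code and does not describe the upstream fix): a routine that writes build output through whatever already exists at the staging path, beside one that creates the file itself and refuses to follow a symlink there, plus the regression check a maintainer would keep for this class of bug. The function names `register_output_following_symlinks`, `register_output_nofollow`, `regression_check` and `clean_register_roundtrip` are the example's own.

```python
import os
import tempfile

# Generic model of the bug class described above (constructed illustration, not Nix's code):
# a privileged orchestrator writes build output to a staging path that the unprivileged
# builder could pre-populate. If the orchestrator resolves symlinks at that path, a planted
# symlink redirects the write to any file the orchestrator itself can write.


def register_output_following_symlinks(staging_dir, name, data):
    """Vulnerable pattern: open() resolves a symlink at the destination and writes through it."""
    path = os.path.join(staging_dir, name)
    with open(path, "wb") as f:
        f.write(data)
    return path


def register_output_nofollow(staging_dir, name, data):
    """Hardened pattern: create the destination ourselves and refuse to follow a symlink.

    O_EXCL makes the open fail if anything already exists at `name` (POSIX does not resolve
    a symlink for O_CREAT|O_EXCL); O_NOFOLLOW additionally rejects a symlink in the final
    path component. `name` must be a single component so there are no intermediate
    directories for a builder to redirect; dir_fd anchors the create to the already-opened
    staging directory instead of re-resolving its path.
    """
    if not name or name in (".", "..") or os.sep in name:
        raise ValueError(f"output name must be a single path component: {name!r}")
    dir_fd = os.open(staging_dir, os.O_RDONLY | os.O_DIRECTORY)
    try:
        fd = os.open(name, os.O_WRONLY | os.O_CREAT | os.O_EXCL | os.O_NOFOLLOW, 0o644,
                     dir_fd=dir_fd)
    finally:
        os.close(dir_fd)
    with os.fdopen(fd, "wb") as f:
        f.write(data)
    return os.path.join(staging_dir, name)


def regression_check(register):
    """Plant a symlink in the staging dir, run `register`, and return what the file outside
    the staging dir contains afterwards: 'original' means the routine refused the link."""
    with tempfile.TemporaryDirectory() as outside, tempfile.TemporaryDirectory() as staging:
        target = os.path.join(outside, "orchestrator-writable-file")
        with open(target, "w") as f:
            f.write("original")
        # A builder that controls the staging dir can leave a symlink where the output will go.
        os.symlink(target, os.path.join(staging, "out"))
        try:
            register(staging, "out", b"derivation output")
        except OSError:
            pass  # the hardened routine raises here; the vulnerable one writes through silently
        with open(target) as f:
            return f.read()


def clean_register_roundtrip(register):
    """Sanity check that `register` still works on an empty staging dir; returns the bytes read back."""
    with tempfile.TemporaryDirectory() as staging:
        path = register(staging, "out", b"derivation output")
        with open(path, "rb") as f:
            return f.read()


if __name__ == "__main__":
    print("following symlinks:", regression_check(register_output_following_symlinks))
    print("O_NOFOLLOW|O_EXCL: ", regression_check(register_output_nofollow))
```

O_NOFOLLOW and O_EXCL only guard the final component of the path being created; the deeper lesson the CVE description carries is that the temporary copy path should not sit anywhere the builder can write at all, and the flag-level check is a second layer rather than a substitute for that placement.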
Who is impacted
- Multi-user Nix installations where the nix-daemon orchestrates builds (commonly running with elevated privileges).
- Environments where untrusted users can submit builds to the daemon (the CVE record specifically calls out allowed-users, which "default[s] to all users").
| Version ranges (per CVE record) | Status |
|---|---|
| >= 2.21, < 2.28.6 | affected |
| >= 2.29.0, < 2.29.3 | affected |
| >= 2.30.0, < 2.30.4 | affected |
| >= 2.31.0, < 2.31.4 | affected |
| >= 2.32.0, < 2.32.7 | affected |
| >= 2.33.0, < 2.33.4 | affected |
| >= 2.34.0, < 2.34.5 | affected |
| >= 2.20.5, <= 2.20.9 | affected |
| >= 2.19.4, <= 2.19.7 | affected |
| >= 2.18.2, <= 2.18.9 | affected |

| Fixed versions (per CVE record) |
|---|
| 2.34.5, 2.33.4, 2.32.7, 2.31.4, 2.30.4, 2.29.3, 2.28.6 |
What to do now
- Follow vendor remediation guidance and apply a fixed release.
  "This vulnerability is fixed in 2.34.5, 2.33.4, 2.32.7, 2.31.4, 2.30.4, 2.29.3, and 2.28.6."
- Inventory where nix is used as shared build infrastructure (CI runners, build hosts, developer workstations with multi-user Nix) and identify whether any deployments fall into affected ranges.
- Treat this as a build-environment escape risk: review which users/groups can submit builds to the Nix daemon and prioritize remediation where untrusted build submission is possible.
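As an added example (not part of this page or of the Nix project), the following Python script turns the version table and the allowed-users note into a local check: it classifies a Nix version string against the affected ranges copied from the CVE record, and reads the allowed-users setting out of nix.conf text, defaulting to `*` (all users) as Nix does. `installed_nix_version` shells out to `nix --version`; the nix.conf text in `SAMPLE_NIX_CONF` is constructed, and the parser only handles plain `key = value` lines (no `include` directives or `extra-*` prefixes).

```python
import re
import subprocess

# Affected ranges copied from the CVE record's table as (lower bound, upper bound,
# upper bound inclusive?). The 2.18-2.20 rows are closed ranges with no fixed release listed.
AFFECTED_RANGES = [
    ("2.21",   "2.28.6", False),
    ("2.29.0", "2.29.3", False),
    ("2.30.0", "2.30.4", False),
    ("2.31.0", "2.31.4", False),
    ("2.32.0", "2.32.7", False),
    ("2.33.0", "2.33.4", False),
    ("2.34.0", "2.34.5", False),
    ("2.20.5", "2.20.9", True),
    ("2.19.4", "2.19.7", True),
    ("2.18.2", "2.18.9", True),
]

# Constructed sample nix.conf for the allowed-users check below (not from a real host).
SAMPLE_NIX_CONF = """\
# constructed sample nix.conf
experimental-features = nix-command flakes
allowed-users = builders @nixbld-submitters   # only these may submit builds to the daemon
"""


def parse_version(text):
    """Extract major.minor[.patch] from text such as 'nix (Nix) 2.28.3' or a bare '2.28.3'.
    A missing patch component counts as 0, so '2.21' is 2.21.0; pre-release suffixes are ignored."""
    m = re.search(r"\b(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"no version number found in {text!r}")
    return tuple(int(p) if p is not None else 0 for p in m.groups())


def is_affected(version_text):
    """True if the version falls inside any affected range from the CVE record."""
    v = parse_version(version_text)
    for lo, hi, hi_inclusive in AFFECTED_RANGES:
        lo_v, hi_v = parse_version(lo), parse_version(hi)
        if v >= lo_v and (v <= hi_v if hi_inclusive else v < hi_v):
            return True
    return False


def allowed_users(nix_conf_text):
    """Return the allowed-users list from nix.conf text; Nix's default is ['*'] (all users).
    Assumption: only `key = value` lines are parsed; `#` starts a comment."""
    for line in nix_conf_text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line or "=" not in line:
            continue
        key, _, value = line.partition("=")
        if key.strip() == "allowed-users":
            return value.split()
    return ["*"]


def installed_nix_version():
    """Run `nix --version` on this host and return its output (e.g. 'nix (Nix) 2.28.3')."""
    return subprocess.run(["nix", "--version"], capture_output=True, text=True,
                          check=True).stdout.strip()


if __name__ == "__main__":
    ver = installed_nix_version()
    print(ver, "-> affected" if is_affected(ver) else "-> not in an affected range")
    print("allowed-users in sample conf:", allowed_users(SAMPLE_NIX_CONF))
```

Run it on each host in the inventory; an affected version combined with the default `*` for allowed-users is the case to remediate first, since any local account can then submit builds to the daemon.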
Additional Information
- The upstream advisory is tracked as GitHub Security Advisory GHSA-g3g9-5vj6-r3gj.
Content is AI-assisted and reviewed by our team, but issues may be missed and best practices evolve rapidly; send corrections to [email protected]. Always consult official documentation and validate key implementation decisions before making design or security choices.
