Security Advisory: Local privilege escalation in Lix and Nix
Summary
A security advisory reports local privilege escalation vulnerabilities in Nix and Lix daemons that could allow a privileged attacker to execute code as the daemon user. The flaws are being tracked with CVE IDs (pending attribution) and a GHSA advisory, with patches released for multiple versions; Guix is not affected. The post also describes affected configurations and remediation steps, including ASLR hardening measures.