Skip to content

Commit 7ce15b4

Browse files
author
Raito Bezarius
committed
content/blog/cve: publish snyk deep dive link
Signed-off-by: Raito Bezarius <[email protected]>
1 parent aa46f57 commit 7ce15b4

File tree

1 file changed

+3
-1
lines changed

1 file changed

+3
-1
lines changed

content/blog/2025-06-24-lix-cves.md

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -37,7 +37,7 @@ Unfortunately, the vulnerability potential of CVE-2024-27297 was not fully reali
3737

3838
## The bugs
3939

40-
A detailed breakdown of the vulnerabilities will be provided in the upcoming publication from the Snyk research team.
40+
A detailed breakdown of the vulnerabilities is provided in the [Rory McNamara's deep dive](https://labs.snyk.io/resources/nixos-deep-dive/).
4141

4242
For now, here are a few insights into key elements of the attack chain.
4343

@@ -306,6 +306,7 @@ For further discussion and tracking, see: [lix-project/lix#876](https://git.lix.
306306
- 2025-04-30: QA started.
307307
- 2025-05-08: QA ended. Lix team made final patches available.
308308
- 2025-06-24: Disclosure deadline.
309+
- 2025-15-07 : [Snyk deep dive published](https://labs.snyk.io/resources/nixos-deep-dive/)
309310

310311
## Credits
311312

@@ -328,3 +329,4 @@ Credits to Raito Bezarius for the file descriptors-related fixes and QA on Linux
328329
## References
329330

330331
- [Guix blog post on the vulnerability](https://guix.gnu.org/en/blog/2025/privilege-escalation-vulnerabilities-2025)
332+
- [Snyk deep dive](https://labs.snyk.io/resources/nixos-deep-dive/)

0 commit comments

Comments
 (0)