一、 漏洞 CVE-2025-32797 基础信息
漏洞信息
                                        神龙正在分析中.
提示
尽管我们采用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。
神龙会尽力确保数据准确,但也请结合实际情况进行甄别与判断。
神龙祝您一切顺利!
漏洞标题
Conda-build Insecure Build Script Permissions Enabling Arbitrary Code Execution
来源:美国国家漏洞数据库 NVD
漏洞描述信息
Conda-build contains commands and tools to build conda packages. Prior to version 25.3.1, the write_build_scripts function in conda-build creates the temporary build script conda_build.sh with overly permissive file permissions (0o766), allowing write access to all users. Attackers with filesystem access can exploit a race condition to overwrite the script before execution, enabling arbitrary code execution under the victim's privileges. This risk is significant in shared environments, potentially leading to full system compromise. Even with non-static directory names, attackers can monitor parent directories for file creation events. The brief window between script creation (with insecure permissions) and execution allows rapid overwrites. Directory names can also be inferred via timestamps or logs, and automation enables exploitation even with semi-randomized paths by acting within milliseconds of detection. This issue has been patched in version 25.3.1. A workaround involves restricting conda_build.sh permissions from 0o766 to 0o700 (owner-only read/write/execute). Additionally, use atomic file creation (write to a temporary randomized filename and rename atomically) to minimize the race condition window.
来源:美国国家漏洞数据库 NVD
CVSS信息
N/A
来源:美国国家漏洞数据库 NVD
漏洞类别
不安全的继承权限
来源:美国国家漏洞数据库 NVD
二、漏洞 CVE-2025-32797 的公开POC
# POC 描述 源链接 神龙链接
三、漏洞 CVE-2025-32797 的情报信息

  • 标题: ENH: added ability to specify script inline by srossross · Pull Request #5 · conda/conda-build · GitHub -- 🔗来源链接

    标签: x_refsource_MISC

    ENH: added ability to specify script inline by srossross · Pull Request #5 · conda/conda-build · GitHub

  • 标题: Insecure Build Script Permissions Enabling Arbitrary Code Execution · Advisory · conda/conda-build · GitHub -- 🔗来源链接

    标签: x_refsource_CONFIRM

    Insecure Build Script Permissions Enabling Arbitrary Code Execution · Advisory · conda/conda-build · GitHub

  • 标题: Merge commit from fork · conda/conda-build@d246e49 · GitHub -- 🔗来源链接

    标签: x_refsource_MISC

    Merge commit from fork · conda/conda-build@d246e49 · GitHub

  • 标题: conda-build/conda_build/build.py at 3f06913bba22c4e1ef1065df9e00d86ac97f087c · conda/conda-build · GitHub -- 🔗来源链接

    标签: x_refsource_MISC

    conda-build/conda_build/build.py at 3f06913bba22c4e1ef1065df9e00d86ac97f087c · conda/conda-build · GitHub
  • https://nvd.nist.gov/vuln/detail/CVE-2025-32797