CVSS: 7.8 | EPSS: 0% | CPEs: 1 | EXPL: 0

CVE-2024-24828 – Local Privilege Escalation in executables bundled by pkg
https://notcve.org/view.php?id=CVE-2024-24828
09 Feb 2024 — pkg is a tool designed to bundle Node.js projects into executables. Any native code packages built by `pkg` are written to a hardcoded directory. On Unix systems, this is `/tmp/pkg/*`, a directory shared by all users on the same local system. The package names within this directory are not unique; they are predictable. An attacker with access to the same local system can replace the genuine executables in the shared directory with malicious executables of the same name.

References: https://github.com/vercel/pkg/security/advisories/GHSA-22r3-9w55-cj54

Weakness: CWE-276: Incorrect Default Permissions