WallEscape util-Linux Vulnerability - 20240402004

Overview

The WA SOC has become aware of a vulnerability in the util-linux wall command. This vulnerability allows escape sequences to be sent to other users' terminals through argv (argument vector). Successful exploitation of this vulnerability can lead to password leaks.

What is vulnerable?

| CVE | Severity | CVSS | Product(s) Affected | Summary | Dated |
| --- | --- | --- | --- | --- | --- |
| CVE-2024-28085 | TBA | N.A | util-linux versions before 2.40 | This vulnerability allows escape sequences from command line arguments to be sent to other users' terminals | 03/27/2024 |

Recommendation

The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within the expected timeframe of one month... (refer to Patch Management):

  • Users are encouraged to upgrade util-linux to version 2.40 or later: Download archive
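
To triage hosts against the "before 2.40" boundary above, the following added example (not part of the WA SOC advisory or of util-linux) classifies the version line that `wall --version` prints. Assumptions: the line has the form `wall from util-linux X.Y[.Z]`, a 2.40 release candidate is counted as before 2.40, and only the upstream version is compared, so a fix backported into a distribution package is not visible to this check.

```shell
#!/bin/sh
# Added example: flag util-linux builds older than 2.40 (CVE-2024-28085).

# Pull "MAJOR.MINOR[.PATCH]" out of a line such as
# "wall from util-linux 2.39.3", the format `wall --version` prints.
extract_version() {
    printf '%s\n' "$1" |
        sed -n 's/.*util-linux \([0-9][0-9]*\.[0-9][0-9]*\(\.[0-9][0-9]*\)*\).*/\1/p' |
        head -n 1
}

# Exit status: 0 = before 2.40 (affected), 1 = 2.40 or later, 2 = unparsable.
is_affected() {
    ver=$(extract_version "$1")
    [ -n "$ver" ] || return 2
    major=${ver%%.*}
    rest=${ver#*.}
    minor=${rest%%.*}
    [ "$major" -lt 2 ] && return 0
    [ "$major" -gt 2 ] && return 1
    [ "$minor" -lt 40 ] && return 0
    [ "$minor" -gt 40 ] && return 1
    # Assumption: a 2.40 release candidate counts as "before 2.40".
    case "$1" in *"util-linux 2.40-rc"*) return 0 ;; esac
    return 1
}

# Print a one-line verdict for a version line.
report() {
    rc=0
    is_affected "$1" || rc=$?
    case $rc in
        0) echo "AFFECTED  $1 -> upgrade util-linux to 2.40 or later" ;;
        1) echo "OK        $1" ;;
        *) echo "UNKNOWN   $1" ;;
    esac
}

if [ "${1:-}" = "--host" ]; then
    # Check the locally installed wall binary.
    report "$(wall --version 2>&1 || echo 'wall not found')"
else
    # Constructed sample lines, not captured from real hosts.
    for line in "wall from util-linux 2.39.3" "wall from util-linux 2.40-rc1" \
                "wall from util-linux 2.40" "wall from util-linux 2.41.1"; do
        report "$line"
    done
fi
```

Run it with `--host` to check the local machine; an UNKNOWN result means the version line did not match the assumed format and the package version should be confirmed through the package manager.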

Additional References