CVE-2024-28085
Key Information:
- Vendor
- CVE Published:
- 27 March 2024
Badges
Summary
The highlighted vulnerability is CVE-2024-28085, which affects the "wall" command of the util-linux package on certain Linux distributions. It is a decade-old vulnerability that, if exploited, can lead to user password leaks and clipboard hijacking. The vulnerability arises from improperly filtered escape sequences in the command line arguments, allowing unprivileged users to interfere with terminals when specific criteria are met. CVE-2024-28085 can potentially lead to account takeovers and has been exploited on Ubuntu 22.04 and Debian Bookworm. Users are advised to update to util-linux version 2.40 to address the flaw, and security researchers have outlined potential exploitation scenarios and detailed how administrators can mitigate the risk.
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
Get notified when SecurityVulnerability.io launches alerting 🔔
Well keep you posted 📧
News Articles
‘WallEscape’ Linux Vulnerability Leaks User Passwords
Vulnerability (CVE-2024-28085) in core Linux system utilities package util-linux allows attackers to leak user passwords using fake prompts.
9 months ago
4chanCVE-2024-28085/g/ - Wall-Escape (CVE-2024-28085) - Technology - 4chan
Wall-Escape (CVE-2024-28085) - "/g/ - Technology" is 4chan's imageboard for discussing computer hardware and software, programming, and general technology.
9 months ago
New Linux Bug Could Lead to User Password Leaks and Clipboard Hijacking
A new Linux vulnerability puts user passwords at risk. It exploits the "wall" command to potentially leak passwords on Ubuntu & Debian systems.
10 months ago
References
Timeline
- 🟡
Public PoC available
- 👾
Exploit known to exist
- 📰
First article discovered by Beeping Computers
Vulnerability published
Vulnerability Reserved