Util-linux Security Update Advisory (CVE-2024-28085)

Apr 03 2024

Overview

We have released a security update to address a vulnerability in util-linux. users of affected products are advised to update to the latest version.

Affected Products

Versions of util-linux prior to 2.40

Ubuntu 22.04 and Debian Bookworm

Resolved Vulnerabilities

Vulnerability in util-linux that allows escape sequences to be sent to another user’s terminal via argv of the wall command installed with setgid tty privileges (CVE-2024-28085)

Vulnerability Patches

vulnerability patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

Util-linux 2.40 version

Referenced Sites

[1] CVE-2024-28085 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-28085

[2] Wall-Escape (CVE-2024-28085)

https://github.com/skyler-ferrante/CVE-2024-28085

[3] Index of /pub/linux/utils/util-linux/

https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/

Util-linux Security Update Advisory (CVE-2024-28085)

Overview

Affected Products

Resolved Vulnerabilities

Vulnerability Patches

Referenced Sites

Linux Kernel Security Update Advisory (CVE-2024-1086)

Cisco Family April 2024 1st Security Update Advisory

Overview

Affected Products

Resolved Vulnerabilities

Vulnerability Patches

Referenced Sites

Tags:

Linux Kernel Security Update Advisory (CVE-2024-1086)

Cisco Family April 2024 1st Security Update Advisory