Some Linux distributions could have user passwords exposed and clipboards taken over in attacks exploiting an improper escape sequence neutralization vulnerability impacting the util-linux package's "wall" command, tracked as CVE-2024-28085, reports The Hacker News.
Potential intrusions, which could affect Debian Bookworm and Ubuntu 22.04, involve luring users into establishing a phony sudo prompt and providing their credentials, according to security researcher Skyler Ferrante. However, the exploitation of the security issue, also known as WallEscape, would only be successful if the mesg utility is enabled and if the wall command requires setgid permissions.
"On Ubuntu 22.04, we have enough control to leak a user's password by default. The only indication of attack to the user will be an incorrect password prompt when they correctly type their password, along with their password being in their command history," Ferrante said.
An immediate update to util-linux version 2.40 has been recommended.
Recommended Comments
There are no comments to display.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.