Github messages for voidlinux
* [ISSUE] CVE-2024-28085
From: tuxslack @ 2024-06-02  7:08 UTC (permalink / raw)
  To: ml

New issue by tuxslack on void-packages repository

https://github.com/void-linux/void-packages/issues/50651

Description:
### Is this a new report?

Yes

### System Info

wall

### Package(s) Affected

util-linux

### Does a report exist for this bug with the project's home (upstream) and/or another distro?

https://diolinux.com.br/noticias/wallescape-falha-no-linux-falso-sudo.html
https://nvd.nist.gov/vuln/detail/CVE-2024-28085

### Expected behaviour

version 2.40

### Actual behaviour

$ wall -V
wall de util-linux 2.39.3

maintainer: Enno Boland
pkgname: util-linux
pkgver: util-linux-2.39.3_2


### Steps to reproduce

wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.


* Re: CVE-2024-28085
From: classabbyamp @ 2024-06-02 10:43 UTC (permalink / raw)
  To: ml

New comment by classabbyamp on void-packages repository

https://github.com/void-linux/void-packages/issues/50651#issuecomment-2143796567

Comment:
#50538 


* Re: CVE-2024-28085
From: tuxslack @ 2024-06-11  5:31 UTC (permalink / raw)
  To: ml

New comment by tuxslack on void-packages repository

https://github.com/void-linux/void-packages/issues/50651#issuecomment-2159827128

Comment:
Updated system:

#  wall -V
wall de util-linux 2.40.1


It is protected against **CVE-2024-28085**



* Re: [ISSUE] [CLOSED] CVE-2024-28085
From: classabbyamp @ 2024-06-11  5:39 UTC (permalink / raw)
  To: ml

Closed issue by tuxslack on void-packages repository

https://github.com/void-linux/void-packages/issues/50651

Description:
### Is this a new report?

Yes

### System Info

wall

### Package(s) Affected

util-linux

### Does a report exist for this bug with the project's home (upstream) and/or another distro?

https://diolinux.com.br/noticias/wallescape-falha-no-linux-falso-sudo.html
https://nvd.nist.gov/vuln/detail/CVE-2024-28085

### Expected behaviour

version 2.40

### Actual behaviour

$ wall -V
wall de util-linux 2.39.3

maintainer: Enno Boland
pkgname: util-linux
pkgver: util-linux-2.39.3_2


### Steps to reproduce

wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.


https://www.youtube.com/watch?v=X_Pwq5DD63s


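An added example, not part of the thread or of the void-packages repository: a shell check of the two conditions the issue description names, the util-linux version reported by `wall -V` and the setgid bit on the binary. It treats versions up to and including 2.40 as affected, following the description's "through 2.40" wording; all function names are hypothetical.

```shell
#!/bin/sh
# Added example: host audit for CVE-2024-28085 (wall in util-linux).

# Extract the util-linux version from `wall -V` output. The connecting word
# is localized ("from" in English, "de" in the report above), so match on
# the package name instead of the whole sentence.
wall_version() {
    printf '%s\n' "$1" | sed -n 's/.*util-linux \([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# Return 0 when version $1 is <= 2.40 (assumption: the "through 2.40"
# wording quoted in the issue). Missing components count as 0.
version_affected() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    major=${1:-0}; minor=${2:-0}; patch=${3:-0}
    if [ "$major" -lt 2 ]; then return 0; fi
    if [ "$major" -gt 2 ]; then return 1; fi
    if [ "$minor" -lt 40 ]; then return 0; fi
    if [ "$minor" -gt 40 ]; then return 1; fi
    [ "$patch" -eq 0 ]
}

# Report on the local wall binary: 0 = not affected, 1 = affected,
# 2 = version could not be determined.
audit_wall() {
    bin=$(command -v wall) || { echo "wall is not installed"; return 0; }
    ver=$(wall_version "$(wall -V 2>/dev/null)")
    if [ -z "$ver" ]; then
        echo "could not parse version from: wall -V"
        return 2
    fi
    if version_affected "$ver"; then
        if [ -g "$bin" ]; then
            echo "AFFECTED: util-linux $ver and $bin is setgid; update util-linux"
        else
            echo "AFFECTED: util-linux $ver ($bin is not setgid); update util-linux"
        fi
        return 1
    fi
    echo "OK: util-linux $ver"
}

# Run the audit only when asked, so the functions can also be sourced.
if [ "${1:-}" = "--audit" ]; then audit_wall; fi
```

Run it as `sh check-wall.sh --audit` (the file name is a placeholder); the exit status is suitable for use in a fleet-wide compliance check.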
