GNU · Inetutils · CVE-2026-32746
**GNU inetutils telnetd versions prior to 2.8**
**Description**
A buffer overflow exists in the LINEMODE SLC (Set Local Characters) suboption handler of the telnetd daemon. The `add_slc()` function does not check whether the buffer is full before copying data, which leads to an out-of-bounds write. An unauthenticated remote attacker can exploit this by sending a specially crafted packet during the initial connection handshake via port 23, potentially achieving remote code execution with root privileges. Approximately 50,000 internet-exposed assets have been identified as potentially affected.
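The class of fix the description points to is a capacity check before each SLC triplet is appended. The following is an added sketch, not inetutils code: `struct slc_reply`, `add_slc_checked`, `feed_triplets` and the 108-byte capacity are assumed names and values chosen for illustration.

```c
#include <stddef.h>
#include <stdio.h>

#define IAC 255            /* Telnet "interpret as command" byte */
#define SLC_REPLY_MAX 108  /* assumed capacity for this sketch, not the project's value */

/* Hypothetical buffer modelling the SLC reply being assembled. */
struct slc_reply { unsigned char buf[SLC_REPLY_MAX]; size_t len; };

/* A literal 0xFF data byte is doubled on the wire, so it costs two bytes. */
static size_t encoded_len(unsigned char b) { return b == IAC ? 2 : 1; }

static void put_byte(struct slc_reply *r, unsigned char b)
{
    r->buf[r->len++] = b;
    if (b == IAC)
        r->buf[r->len++] = IAC;
}

/* Append one (function, flags, value) triplet only if it fits.
 * Returns 0 on success, -1 if full; on failure the buffer is untouched. */
int add_slc_checked(struct slc_reply *r, unsigned char func,
                    unsigned char flag, unsigned char val)
{
    size_t need = encoded_len(func) + encoded_len(flag) + encoded_len(val);
    if (need > sizeof r->buf - r->len)  /* the "is the buffer full?" check */
        return -1;
    put_byte(r, func);
    put_byte(r, flag);
    put_byte(r, val);
    return 0;
}

/* Feed n constructed triplets; return how many were accepted. */
size_t feed_triplets(struct slc_reply *r, size_t n, unsigned char val)
{
    size_t ok = 0;
    for (size_t i = 0; i < n; i++)
        if (add_slc_checked(r, (unsigned char)(i % 30 + 1), 2, val) == 0)
            ok++;
    return ok;
}

int main(void)
{
    struct slc_reply r = { .len = 0 };
    printf("accepted %zu of 200\n", feed_triplets(&r, 200, 0x41));
    return 0;
}
```

The size calculation accounts for IAC doubling, so a triplet carrying 0xFF values is measured at its encoded length rather than a flat three bytes.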
**Recommendations**
Disable the telnetd service immediately and replace it with SSH.
Block all external access to TCP port 23 at the network perimeter and host-based firewalls.