PT-2024-2532 · Unknown+6 · Util-Linux+6

Skyler Ferrante · Published 2024-03-27 · Updated 2026-03-29 · CVE-2024-28085

CVSS v2.0: 6.2 (Medium)
Vector: AV:L/AC:L/Au:S/C:C/I:C/A:N
Name of the Vulnerable Software and Affected Versions
util-linux versions prior to 2.40
Description
The wall command in util-linux versions through 2.40 does not properly filter escape sequences received from command line arguments. This allows a local attacker to potentially inject escape sequences, which could lead to information disclosure or, in some scenarios, account takeover. The vulnerability has been present for over 11 years. A fix was initially released but did not fully address the issue, leading to a subsequent update that removes the setgid permission bit from the wall and write utilities.
Recommendations
Upgrade to util-linux version 2.40 or later. Remove the setgid permission bit from the wall and write utilities. Consider disabling the wall command.
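
A host audit for the recommendations above, as an added example that is not part of the original advisory: it reports whether the installed wall and write binaries still carry the setgid bit and which util-linux version they report. The function names are this example's own, and the version is read from each tool's -V output.

```shell
#!/bin/sh
# Added example: audit wall and write against this advisory's recommendations.

# Succeeds when the file at $1 carries the setgid permission bit.
has_setgid() { [ -g "$1" ]; }

# Succeeds when version string $1 (e.g. "2.39.3") is 2.40 or later.
version_at_least_2_40() {
    major=${1%%.*}
    rest=${1#*.}
    minor=${rest%%.*}
    [ "$major" -gt 2 ] 2>/dev/null && return 0
    [ "$major" -eq 2 ] 2>/dev/null && [ "$minor" -ge 40 ] 2>/dev/null
}

# Prints findings for the binary at $1; returns 1 when action is needed.
audit_binary() {
    rc_bin=0
    if has_setgid "$1"; then
        echo "FINDING  $1 is setgid: $(ls -ld "$1")"
        rc_bin=1
    else
        echo "ok       $1 has no setgid bit"
    fi
    ver=$("$1" -V 2>/dev/null | sed -n 's/.*util-linux \([0-9][0-9.]*\).*/\1/p')
    if [ -z "$ver" ]; then
        echo "note     $1: util-linux version not reported"
    elif version_at_least_2_40 "$ver"; then
        echo "ok       $1 is from util-linux $ver"
    else
        echo "FINDING  $1 is from util-linux $ver (advisory: upgrade to 2.40 or later)"
        rc_bin=1
    fi
    return "$rc_bin"
}

# Check whichever of the two utilities is installed on this host.
audit_wall_write() {
    rc=0
    for tool in wall write; do
        bin=$(command -v "$tool") || { echo "note     $tool not installed"; continue; }
        audit_binary "$bin" || rc=1
    done
    return "$rc"
}

audit_wall_write || echo "Review the findings above."
```

Distribution packages may carry the fix under a version number below 2.40, so treat a version finding as a prompt to check the vendor advisory for that package.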


Related Identifiers

ALT-PU-2024-8305
AZL-37134
AZL-37146
BDU:2024-02517
CVE-2024-28085
DLA-3782-1
DSA-5650-1
GHSA-XV2H-C6WW-MRJQ
JLSEC-2025-194
MGASA-2024-0112
OESA-2024-1352
OESA-2024-1383
OPENSUSE-SU-2024:14523-1
OPENSUSE-SU-2024_1169-1
OPENSUSE-SU-2024_1170-1
OPENSUSE-SU-2024_1172-1
SUSE-SU-2024:1106-1
SUSE-SU-2024:1169-1
SUSE-SU-2024:1170-1
SUSE-SU-2024:1171-1
SUSE-SU-2024:1172-1
SUSE-SU-2024:1943-1
SUSE-SU-2024_1106-1
SUSE-SU-2024_1169-1
SUSE-SU-2024_1170-1
SUSE-SU-2024_1171-1
SUSE-SU-2024_1172-1
SUSE-SU-2024_1943-1
SUSE-SU-2025:20003-1
SUSE-SU-2025:20304-1
USN-6719-1
USN-6719-2

Affected Products

Alt Linux
Astra Linux
Linux Mint
RED OS
SUSE
Ubuntu
Util-Linux