New Linux Bug Could Lead to User Password Leaks and Clipboard Hijacking

2024-03-29 10:49

Details have emerged about a vulnerability impacting the "wall" command of the util-linux package that could be potentially exploited by a bad actor to leak a user's password or alter the clipboard on certain Linux distributions. The bug, tracked as CVE-2024-28085, has been codenamed WallEscape by security researcher Skyler Ferrante. It has been described as a case of improper

News URL

https://thehackernews.com/2024/03/new-linux-bug-could-lead-to-user.html

#hijacking #leak #linux #CVE-2024-28085

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2024-03-27	CVE-2024-28085	wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv.	0.0

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Linux		17	374	2505	1534	665	5078