“Wall” vulnerability threatens Ubuntu 22.04 security

Details have been published of a vulnerability in the “wall” command of the util-linux package, which malicious users can exploit to leak user passwords or change privileges on some Linux distributions.

The “wall” command sends a message to all users logged in to the same server, allowing privileged users to share basic information (such as a system shutdown) with all local users.

The vulnerability, tracked as CVE-2024-28085 and named WallEscape, is described as affecting the Ubuntu 22.04 and Debian Bookworm distributions. It can be exploited to create a fake sudo prompt on other users’ terminals because escape sequences in the message are not properly neutralized. In addition, a use-after-free vulnerability in the netfilter subsystem of the Linux kernel, tracked as CVE-2024-1086, was reported, but has been patched.
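The bug class described above comes down to message bytes reaching another user's terminal without being rendered harmless first. The following C code is an added example, not util-linux's code and not part of the original article; the function names and the choice to hex-escape all bytes above 0x7f are assumptions of the example.

```c
#include <stdio.h>
#include <string.h>

/* Copy msg into out, rendering every byte that could drive a terminal
 * as visible text. Returns the output length, or -1 if out is too small.
 * Simplification (assumption of this example): bytes >= 0x80 are
 * hex-escaped, which blocks 8-bit C1 controls but mangles UTF-8 text. */
static int neutralize(const char *msg, char *out, size_t outsz)
{
    size_t o = 0;
    for (const unsigned char *p = (const unsigned char *)msg; *p; p++) {
        char buf[5];
        if (*p == '\n' || *p == '\t' || (*p >= 0x20 && *p < 0x7f))
            snprintf(buf, sizeof buf, "%c", *p);          /* plain text */
        else if (*p < 0x20)
            snprintf(buf, sizeof buf, "^%c", *p + 0x40);  /* ESC -> ^[ */
        else if (*p == 0x7f)
            snprintf(buf, sizeof buf, "^?");              /* DEL */
        else
            snprintf(buf, sizeof buf, "\\x%02x", *p);     /* high bytes */
        size_t n = strlen(buf);
        if (o + n + 1 > outsz)
            return -1;
        memcpy(out + o, buf, n);
        o += n;
    }
    out[o] = '\0';
    return (int)o;
}

/* Number of bytes in msg that neutralize() would rewrite: a cheap
 * signal for logging or rejecting a broadcast before it is sent. */
static int count_control_bytes(const char *msg)
{
    int n = 0;
    for (const unsigned char *p = (const unsigned char *)msg; *p; p++)
        if (!(*p == '\n' || *p == '\t' || (*p >= 0x20 && *p < 0x7f)))
            n++;
    return n;
}

int main(void)
{
    /* Constructed sample: a message carrying a bold-text escape sequence. */
    const char *sample = "maintenance at 22:00 \033[1mtonight\033[0m";
    char safe[128];
    if (neutralize(sample, safe, sizeof safe) >= 0)
        printf("%s (%d control bytes)\n", safe, count_control_bytes(sample));
    return 0;
}
```

After neutralization the escape byte appears on the recipient's screen as the two visible characters `^[`, so the terminal displays the sequence instead of acting on it.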

To address the above vulnerability, users are advised to upgrade to util-linux version 2.40.

Exploitation of these two vulnerabilities can have serious implications for the security of users and of the networks they use. It is also important to regularly update systems and monitor for vulnerabilities across the various Linux distributions in order to avoid cyber attacks.


The recent vulnerabilities in the “wall” command within the util-linux package and the use-after-free vulnerability in the netfilter subsystem of the Linux kernel highlight the critical importance of promptly addressing security issues in software and system components.