DSA-5650-1 util-linux -- util-linux| ID: oval:org.secpod.oval:def:613032 | Date: (C)2024-04-16 (M)2024-04-16 |
| Class: PATCH | Family: unix |
Skyler Ferrante discovered that the wall tool from util-linux does not properly handle escape sequences from command line arguments. A local attacker can take advantage of this flaw for information disclosure. With this update wall and write are not anymore installed with setgid tty.
| Platform: |
| Debian 12.x |
| Debian 11.x |
| Product: |
| bsdutils |
| rfkill |
| libblkid-dev |
| libmount1 |
| util-linux |
| libsmartcols-dev |
| libmount-dev |
| uuid-runtime |
| bsdextrautils |
| libblkid1 |
| eject |
| libfdisk1 |
| libuuid1 |
| libfdisk-dev |
| uuid-dev |
| libsmartcols1 |
| fdisk |
| mount |
