DSA-5650-1 util-linux -- util-linuxID: oval:org.secpod.oval:def:613032 | Date: (C)2024-04-16 (M)2024-04-16 |
Class: PATCH | Family: unix |
Skyler Ferrante discovered that the wall tool from util-linux does not properly handle escape sequences from command line arguments. A local attacker can take advantage of this flaw for information disclosure. With this update wall and write are not anymore installed with setgid tty.
Platform: |
Debian 12.x |
Debian 11.x |
Product: |
bsdutils |
rfkill |
libblkid-dev |
libmount1 |
util-linux |
libsmartcols-dev |
libmount-dev |
uuid-runtime |
bsdextrautils |
libblkid1 |
eject |
libfdisk1 |
libuuid1 |
libfdisk-dev |
uuid-dev |
libsmartcols1 |
fdisk |
mount |