Read Time:17 Second
Posted by Skyler Ferrante (RIT Student) via Fulldisclosure on Mar 27
Wall-Escape (CVE-2024-28085)
Skyler Ferrante: Escape sequence injection in util-linux wall
=================================================================
Summary
=================================================================
The util-linux wall command does not filter escape sequences from
command line arguments. The vulnerable code was introduced in
commit cdd3cc7fa4 (2013). Every version since has been
vulnerable.
This allows…