An ancient Linux flaw might be opening up users to dangerous cyberattacks

Pls share this post


Listen to this article

Many versions of Linux may be vulnerable to a flaw that allowed hackers to steal passwords, or change the contents of their clipboard.

The vulnerability, however, comes with a major caveat that makes exploitations somewhat unlikely (or at least heavily limited).

Cybersecurity researcher Skyler Ferrante recently discovered an “improper neutralization of escape sequences in wall” vulnerability, a flaw impacting the “wall” command. This command is usually used to broadcast messages to the terminals of all users logged to the same system.

WallEscape

With escape sequences not being properly filtered when processing input through command line arguments, a threat actor could, theoretically, launch a prompt to all connected users and have them type in their administrator password. Escape sequences could also be used to change the clipboard of a target user, although this method may not work with all terminal emulators.

READ ALSO  How to make productivity a differentiator for your tech team

The vulnerability is tracked as CVE-2024-28085, and dubbed WallEscape. It was fixed in Linux version 2.40, released in March 2024, but that means it has been present in Linux versions for the past 11 years.

While a proof-of-concept (PoC) for the vulnerability exists, and a practical application could occur, multiple factors need to align, first. For example, the attacker needs to have physical access to a Linux server, to which multiple other potential victims are already connected through the terminal. If you’re still worried about your Linux server being targeted, there is a solution. Linux released an upgrade to linux-utils v.2.40, which patches the vulnerability. 

READ ALSO 
Nvidia has opened the doors to Eos, one of the world's fastest supercomputers — here is what it looks like inside

Usually, these updates are available through the LInux distribution’s standard update channel, so keep an eye out. Furthermore, system administrators can fix the issue by removing the setgid permission from the “wall” command, or by disabling the message broadcast functionality using the “mesg” command to set its flag to “n”.

Via BleepingComputer

More from TechRadar Pro

Source



Pls share this post
Previous articleTesla has new competition with a Chinese EV priced lower than Model 3
Next article
DNA storage is coming, it’s just a matter of when not if — SNIA quietly unveils first specifications for storing bytes in DNA medium, an important first step towards almost ultra-cheap, limitless storage