CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
AI Score
Confidence
Low
EPSS
Percentile
17.1%
USN-6719-1 fixed a vulnerability in util-linux. Unfortunately, it was
discovered that the fix did not fully address the issue. This update
removes the setgid permission bit from the wall and write utilities.
Original advisory details:
Skyler Ferrante discovered that the util-linux wall command did not filter
escape sequences from command line arguments. A local attacker could
possibly use this issue to obtain sensitive information.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 23.10 | noarch | util-linux | < 2.39.1-4ubuntu2.2 | UNKNOWN |
Ubuntu | 23.10 | noarch | bsdextrautils | < 2.39.1-4ubuntu2.2 | UNKNOWN |
Ubuntu | 23.10 | noarch | bsdextrautils-dbgsym | < 2.39.1-4ubuntu2.2 | UNKNOWN |
Ubuntu | 23.10 | noarch | bsdutils | < 1:2.39.1-4ubuntu2.2 | UNKNOWN |
Ubuntu | 23.10 | noarch | bsdutils-dbgsym | < 1:2.39.1-4ubuntu2.2 | UNKNOWN |
Ubuntu | 23.10 | noarch | eject | < 2.39.1-4ubuntu2.2 | UNKNOWN |
Ubuntu | 23.10 | noarch | eject-dbgsym | < 2.39.1-4ubuntu2.2 | UNKNOWN |
Ubuntu | 23.10 | noarch | fdisk | < 2.39.1-4ubuntu2.2 | UNKNOWN |
Ubuntu | 23.10 | noarch | fdisk-dbgsym | < 2.39.1-4ubuntu2.2 | UNKNOWN |
Ubuntu | 23.10 | noarch | libblkid-dev | < 2.39.1-4ubuntu2.2 | UNKNOWN |