News

New Linux flaw: 'Wall' vulnerability poses security risk

By: Nastya Bobkova | 31.03.2024, 21:20

New Linux flaw: 'Wall' vulnerability poses security risk

A cybersecurity researcher has discovered a serious vulnerability in some versions of Linux that could allow hackers to access users' passwords or even modify the contents of their clipboard.

Here's What We Know

The vulnerability, known as CVE-2024-28085 or WallEscape, affects the "wall" command, which is used to broadcast messages to the terminals of all users online in the system.

The flaw was patched in Linux 2.40 in March 2024, but has been present in Linux versions for the past 11 years. A hacker can take advantage of and exploit the escape sequence neutralisation flaw to force users to enter their administrator password or modify their clipboard.

To avoid the risks, system administrators recommend fixing the vulnerability by upgrading to Linux 2.40 or removing the setgid permission from the "wall" command. It is also possible to disable the message broadcasting feature with the "mesg" command to reduce the threat.

Source: TechRadar

Linux Safety and hackers Linux

About Site

Sections

Blockchain and cryptocurrencies

Gaming

Epic Games Store

Electronic Arts

Most Interesting

Leaks and rumors

ru

NB FR UK PL DA ES IT DE NL SV

© 2007—2024 gagadget.com

AFFILIATE DISCLOSURE Some posts may contain affiliate links. Gagadget.com is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com.

var _merchantSettings=_merchantSettings || []; _merchantSettings.push(['AT', '10lpuJ']); (function(){var autolink=document.createElement('script');autolink.type='text/javascript';autolink.async=true; autolink.src= ('https:' == document.location.protocol) ? 'https://autolinkmaker.itunes.apple.com/js/itunes_autolinkmaker.js' : 'http://autolinkmaker.itunes.apple.com/js/itunes_autolinkmaker.js';var s=document.getElementsByTagName('script')[0];s.parentNode.insertBefore(autolink, s);})();

(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start': new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0], j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src= 'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f); })(window,document,'script','dataLayer','GTM-KDNH3DF');