QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2024-28085

Back to search

CVE-2024-28085

Published: Mar 27, 2024

Modified: May 12, 2026

PUBLISHED

Description

wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.

VendorProductVersions

n/a

n/a

affected
n/a

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now