JLSEC-2025-194
- Source
- https://github.com/JuliaLang/SecurityAdvisories.jl/blob/main/advisories/published/2025/JLSEC-2025-194.md
- Import Source
- https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2025/JLSEC-2025-194.json
- JSON Data
- https://api.osv.dev/v1/vulns/JLSEC-2025-194
- Upstream
- Published
- 2025-10-27T18:23:36.019Z
- Modified
- 2025-11-06T23:03:30.800172Z
- Summary
- wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequence...
- Details
-
wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.
- Database specific
{ "sources": [ { "id": "CVE-2024-28085", "published": "2024-03-27T19:15:48.367Z", "url": "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2024-28085", "html_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28085", "modified": "2025-03-20T17:58:00.680Z", "imported": "2025-10-27T15:41:00.913Z" } ], "license": "CC-BY-4.0" }- References
-
- http://www.openwall.com/lists/oss-security/2024/03/27/5
- http://www.openwall.com/lists/oss-security/2024/03/27/6
- http://www.openwall.com/lists/oss-security/2024/03/27/7
- http://www.openwall.com/lists/oss-security/2024/03/27/8
- http://www.openwall.com/lists/oss-security/2024/03/27/9
- http://www.openwall.com/lists/oss-security/2024/03/28/1
- http://www.openwall.com/lists/oss-security/2024/03/28/2
- http://www.openwall.com/lists/oss-security/2024/03/28/3
- https://github.com/skyler-ferrante/CVE-2024-28085
- https://github.com/util-linux/util-linux/security/advisories/GHSA-xv2h-c6ww-mrjq
- https://lists.debian.org/debian-lts-announce/2024/04/msg00005.html
- https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/
- https://people.rit.edu/sjf5462/6831711781/wall_2_27_2024.txt
- https://security.netapp.com/advisory/ntap-20240531-0003/
- https://www.openwall.com/lists/oss-security/2024/03/27/5
Affected packages
Julia / util_linux_jll
Package
- Name
- util_linux_jll
- Purl
- pkg:julia/util_linux_jll?uuid=a762b42e-dc87-5958-a639-9c9eec9c0153
Julia / Libuuid_jll
Package
- Name
- Libuuid_jll
- Purl
- pkg:julia/Libuuid_jll?uuid=38a345b3-de98-5d2b-a5d3-14cd9215e700