USN-6719-2

See a problem?
Source
https://ubuntu.com/security/notices/USN-6719-2
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-6719-2.json
JSON Data
https://api.osv.dev/v1/vulns/USN-6719-2
Related
Published
2024-04-10T12:24:42.422279Z
Modified
2024-04-10T12:24:42.422279Z
Summary
util-linux vulnerability
Details

USN-6719-1 fixed a vulnerability in util-linux. Unfortunately, it was discovered that the fix did not fully address the issue. This update removes the setgid permission bit from the wall and write utilities.

Original advisory details:

Skyler Ferrante discovered that the util-linux wall command did not filter escape sequences from command line arguments. A local attacker could possibly use this issue to obtain sensitive information.

References

Affected packages

Ubuntu:20.04:LTS / util-linux

Package

Name
util-linux

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.34-0.1ubuntu9.6

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "util-linux-locales": "2.34-0.1ubuntu9.6",
            "libfdisk-dev": "2.34-0.1ubuntu9.6",
            "uuid-runtime": "2.34-0.1ubuntu9.6",
            "libsmartcols1": "2.34-0.1ubuntu9.6",
            "util-linux": "2.34-0.1ubuntu9.6",
            "fdisk": "2.34-0.1ubuntu9.6",
            "libuuid1": "2.34-0.1ubuntu9.6",
            "libmount-dev": "2.34-0.1ubuntu9.6",
            "uuid-dev": "2.34-0.1ubuntu9.6",
            "mount": "2.34-0.1ubuntu9.6",
            "libmount1": "2.34-0.1ubuntu9.6",
            "rfkill": "2.34-0.1ubuntu9.6",
            "libfdisk1": "2.34-0.1ubuntu9.6",
            "libsmartcols-dev": "2.34-0.1ubuntu9.6",
            "bsdutils": "1:2.34-0.1ubuntu9.6",
            "libblkid1": "2.34-0.1ubuntu9.6",
            "libblkid-dev": "2.34-0.1ubuntu9.6"
        }
    ]
}

Ubuntu:22.04:LTS / util-linux

Package

Name
util-linux

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.37.2-4ubuntu3.4

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "util-linux-locales": "2.37.2-4ubuntu3.4",
            "libfdisk-dev": "2.37.2-4ubuntu3.4",
            "uuid-runtime": "2.37.2-4ubuntu3.4",
            "libsmartcols1": "2.37.2-4ubuntu3.4",
            "util-linux": "2.37.2-4ubuntu3.4",
            "fdisk": "2.37.2-4ubuntu3.4",
            "eject": "2.37.2-4ubuntu3.4",
            "libuuid1": "2.37.2-4ubuntu3.4",
            "libmount-dev": "2.37.2-4ubuntu3.4",
            "uuid-dev": "2.37.2-4ubuntu3.4",
            "mount": "2.37.2-4ubuntu3.4",
            "libmount1": "2.37.2-4ubuntu3.4",
            "rfkill": "2.37.2-4ubuntu3.4",
            "bsdextrautils": "2.37.2-4ubuntu3.4",
            "libfdisk1": "2.37.2-4ubuntu3.4",
            "libsmartcols-dev": "2.37.2-4ubuntu3.4",
            "bsdutils": "1:2.37.2-4ubuntu3.4",
            "libblkid1": "2.37.2-4ubuntu3.4",
            "libblkid-dev": "2.37.2-4ubuntu3.4"
        }
    ]
}

Ubuntu:23.10 / util-linux

Package

Name
util-linux

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.39.1-4ubuntu2.2

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "util-linux-locales": "2.39.1-4ubuntu2.2",
            "libfdisk-dev": "2.39.1-4ubuntu2.2",
            "uuid-runtime": "2.39.1-4ubuntu2.2",
            "libsmartcols1": "2.39.1-4ubuntu2.2",
            "util-linux": "2.39.1-4ubuntu2.2",
            "fdisk": "2.39.1-4ubuntu2.2",
            "eject": "2.39.1-4ubuntu2.2",
            "libuuid1": "2.39.1-4ubuntu2.2",
            "libmount-dev": "2.39.1-4ubuntu2.2",
            "uuid-dev": "2.39.1-4ubuntu2.2",
            "mount": "2.39.1-4ubuntu2.2",
            "libmount1": "2.39.1-4ubuntu2.2",
            "rfkill": "2.39.1-4ubuntu2.2",
            "bsdextrautils": "2.39.1-4ubuntu2.2",
            "libfdisk1": "2.39.1-4ubuntu2.2",
            "libsmartcols-dev": "2.39.1-4ubuntu2.2",
            "util-linux-extra": "2.39.1-4ubuntu2.2",
            "bsdutils": "1:2.39.1-4ubuntu2.2",
            "libblkid1": "2.39.1-4ubuntu2.2",
            "libblkid-dev": "2.39.1-4ubuntu2.2"
        }
    ]
}