[Debian] Medium CVE: CVE-2024-28085 util-linux

Bug #2059877 reported by Yue Tao
This bug affects 1 person
Affects: StarlingX
Status: Fix Released
Importance: High
Assigned to: Wentao Zhang
Milestone: (none shown)

Bug Description

CVE-2024-28085: https://nvd.nist.gov/vuln/detail/CVE-2024-28085

wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.

Base Score: Medium

Reference:

Package upgrades (Debian 11, amd64):
bsdextrautils_2.36.1-8+deb11u1_amd64.deb ===> bsdextrautils_2.36.1-8+deb11u2_amd64.deb
bsdutils_2.36.1-8+deb11u1_amd64.deb ===> bsdutils_2.36.1-8+deb11u2_amd64.deb
eject_2.36.1-8+deb11u1_amd64.deb ===> eject_2.36.1-8+deb11u2_amd64.deb
fdisk_2.36.1-8+deb11u1_amd64.deb ===> fdisk_2.36.1-8+deb11u2_amd64.deb
libblkid1_2.36.1-8+deb11u1_amd64.deb ===> libblkid1_2.36.1-8+deb11u2_amd64.deb
libfdisk1_2.36.1-8+deb11u1_amd64.deb ===> libfdisk1_2.36.1-8+deb11u2_amd64.deb
libmount1_2.36.1-8+deb11u1_amd64.deb ===> libmount1_2.36.1-8+deb11u2_amd64.deb
libsmartcols1_2.36.1-8+deb11u1_amd64.deb ===> libsmartcols1_2.36.1-8+deb11u2_amd64.deb
libuuid1_2.36.1-8+deb11u1_amd64.deb ===> libuuid1_2.36.1-8+deb11u2_amd64.deb
mount_2.36.1-8+deb11u1_amd64.deb ===> mount_2.36.1-8+deb11u2_amd64.deb
util-linux_2.36.1-8+deb11u1_amd64.deb ===> util-linux_2.36.1-8+deb11u2_amd64.deb
uuid-dev_2.36.1-8+deb11u1_amd64.deb ===> uuid-dev_2.36.1-8+deb11u2_amd64.deb
uuid-runtime_2.36.1-8+deb11u1_amd64.deb ===> uuid-runtime_2.36.1-8+deb11u2_amd64.deb
https://security-tracker.debian.org/tracker/DSA-5650-1
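The argv/stdin asymmetry described in the bug description, modelled as an added illustration written for this page. It is not util-linux's wall.c and not StarlingX code: the caret-encoding helper, the function names, the `check_installed_wall` probe and the sample `\x1b[2J` (VT100 clear-screen) control sequence are all assumptions of the example. The pre-fix path encodes the message only when it arrives on stdin and forwards a command-line message verbatim; the post-fix path sends both sources through the same encoder.

```python
"""Model of the CVE-2024-28085 input-handling asymmetry in wall(1).

Written for this page as an illustration; it is not util-linux code.
The pre-fix path sanitizes the message only when it is read from stdin,
while a message passed on the command line is forwarded verbatim, so
terminal control sequences reach every logged-in user's tty. The fixed
path runs both sources through the same encoder.
"""
import os
import stat
from typing import List, Optional

# Constructed sample: the VT100 "clear screen" control sequence. Any
# ESC-prefixed sequence behaves the same way for the purposes of the model.
SAMPLE_ESCAPE = "\x1b[2J"


def safe_encode(data: bytes) -> str:
    """Render message bytes so that no control byte reaches a terminal.

    Printable ASCII, newline and tab pass through; other C0 bytes are shown
    in caret notation (0x1b becomes "^["), DEL becomes "^?", and bytes above
    0x7e are hex-escaped. A terminal displays the result instead of
    interpreting it. (Hypothetical encoder, assumed for this example.)
    """
    out = []
    for b in data:
        if b in (0x09, 0x0A) or 0x20 <= b < 0x7F:
            out.append(chr(b))
        elif b < 0x20:
            out.append("^" + chr(b + 0x40))
        elif b == 0x7F:
            out.append("^?")
        else:
            out.append("\\x%02x" % b)
    return "".join(out)


def build_message_vulnerable(argv: Optional[List[str]], stdin_data: bytes) -> str:
    """Pre-fix behaviour: stdin is encoded, argv is joined and sent as-is."""
    if argv:
        return " ".join(argv)
    return safe_encode(stdin_data)


def build_message_fixed(argv: Optional[List[str]], stdin_data: bytes) -> str:
    """Post-fix behaviour: both sources pass through the same encoder."""
    raw = " ".join(argv).encode("utf-8", "surrogateescape") if argv else stdin_data
    return safe_encode(raw)


def contains_escape(text: str) -> bool:
    """True if an ESC byte survives, i.e. a terminal would interpret it."""
    return "\x1b" in text


def wall_is_setgid_tty(st_mode: int, group_name: str) -> bool:
    """The precondition that lets one user's wall write to other users' ttys."""
    return bool(st_mode & stat.S_ISGID) and group_name == "tty"


def check_installed_wall(path: str = "/usr/bin/wall") -> Optional[bool]:
    """Inspect the local wall binary; None if it is absent or unreadable."""
    try:
        st = os.stat(path)
        import grp  # Unix-only; imported here so the module loads elsewhere
        gname = grp.getgrgid(st.st_gid).gr_name
    except (OSError, KeyError, ImportError):
        return None
    return wall_is_setgid_tty(st.st_mode, gname)


if __name__ == "__main__":
    argv = ["maintenance", "in", "5", "minutes", SAMPLE_ESCAPE]
    stdin_data = " ".join(argv).encode()
    print("vulnerable/argv :", repr(build_message_vulnerable(argv, b"")))
    print("vulnerable/stdin:", repr(build_message_vulnerable(None, stdin_data)))
    print("fixed/argv      :", repr(build_message_fixed(argv, b"")))
    print("local wall setgid tty:", check_installed_wall())
```

On a Debian 11 host the remediation is the package upgrade listed above; `dpkg-query -W -f='${Version}\n' util-linux` shows whether the installed version is at least 2.36.1-8+deb11u2, and `check_installed_wall` reports whether the setgid tty precondition holds. Clearing the setgid bit (`chmod g-s /usr/bin/wall`) removes that precondition but also stops unprivileged users from broadcasting at all, so it is a stopgap rather than a substitute for the fixed package.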

Revision history for this message
Ghada Khalil (gkhalil) wrote :

Changing the target release to stx.10.0 since the r/stx.9.0 release branch is created and the team doesn't port CVE fixes to released branches.

tags: added: stx.10.0
removed: stx.9.0
Wentao Zhang (wzhang4)
Changed in starlingx:
assignee: nobody → Wentao Zhang (wzhang4)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to tools (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/starlingx/tools/+/917287

Changed in starlingx:
status: Triaged → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to tools (master)

Reviewed: https://review.opendev.org/c/starlingx/tools/+/917287
Committed: https://opendev.org/starlingx/tools/commit/5d7d6b9cb8c604aaa09ba61715f333f7b6628267
Submitter: "Zuul (22348)"
Branch: master

commit 5d7d6b9cb8c604aaa09ba61715f333f7b6628267
Author: Wentao Zhang <email address hidden>
Date: Wed Apr 17 19:12:58 2024 -0700

    Debian: util-linux : fix CVE-2024-28085

    Upgrade bsdextrautils to 2.36.1-8+deb11u2
    Upgrade bsdutils to 1:2.36.1-8+deb11u2
    Upgrade eject to 2.36.1-8+deb11u2
    Upgrade fdisk to 2.36.1-8+deb11u2
    Upgrade libblkid1 to 2.36.1-8+deb11u2
    Upgrade libfdisk1 to 2.36.1-8+deb11u2
    Upgrade libmount1 to 2.36.1-8+deb11u2
    Upgrade libsmartcols1 to 2.36.1-8+deb11u2
    Upgrade libuuid1 to 2.36.1-8+deb11u2
    Upgrade mount to 2.36.1-8+deb11u2
    Upgrade util-linux to 2.36.1-8+deb11u2
    Upgrade uuid-dev to 2.36.1-8+deb11u2
    Upgrade uuid-runtime to 2.36.1-8+deb11u2

    Refer to:
    https://nvd.nist.gov/vuln/detail/CVE-2024-28085
    https://security-tracker.debian.org/tracker/DSA-5650-1

    Test Plan:
    Pass: downloader
    Pass: build-pkgs --clean --all
    Pass: build-image
    Pass: boot

    Closes-bug: #2059877

    Signed-off-by: Wentao Zhang <email address hidden>
    Change-Id: I1ed69814ced58837819ebcb26fb50d97484d9bc8

Changed in starlingx:
status: In Progress → Fix Released
This report contains Public Security information