Vulnerability Description
telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login(1) implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALS_DIRECTORY environment variable, and requires an unprivileged local user to create a login.noauth file.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gnu | Inetutils | <= 2.7 |
Related Weaknesses (CWE)
References
- https://git.hadrons.org/cgit/debian/pkgs/inetutils.git/commit/?id=3953943d829631Patch
- https://lists.gnu.org/archive/html/bug-inetutils/2026-02/msg00000.htmlExploitMailing ListThird Party Advisory
- https://lists.gnu.org/archive/html/bug-inetutils/2026-02/msg00012.htmlMailing ListThird Party Advisory
- https://www.openwall.com/lists/oss-security/2026/02/24/1Mailing ListThird Party Advisory
- http://www.openwall.com/lists/oss-security/2026/02/27/3Mailing ListThird Party Advisory
- http://www.openwall.com/lists/oss-security/2026/03/06/2
- http://www.openwall.com/lists/oss-security/2026/03/06/3
- http://www.openwall.com/lists/oss-security/2026/03/07/1
- http://www.openwall.com/lists/oss-security/2026/03/07/2
FAQ
What is CVE-2026-28372?
CVE-2026-28372 is a vulnerability with a CVSS score of 7.4 (HIGH). telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login(1) implementation of util-linux in release 2.40...
How severe is CVE-2026-28372?
CVE-2026-28372 has been rated HIGH with a CVSS base score of 7.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-28372?
Check the references section above for vendor advisories and patch information. Affected products include: Gnu Inetutils.