CVE-2026-28372 PUBLISHED

Assigner: mitre
Reserved: 27.02.2026 Published: 27.02.2026 Updated: 27.02.2026

telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login(1) implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALS_DIRECTORY environment variable, and requires an unprivileged local user to create a login.noauth file.

Metrics

CVSS 3.1

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS Score: 7.4

Attack Vector	Local	Scope	Unchanged
Attack Complexity	High	Confidentiality Impact	High
Privileges Required	None	Integrity Impact	High
User Interaction	None	Availability Impact	High

CVSS 3.1

Product Status

Vendor	GNU
Product	inetutils
Versions	Default: unknown affected from 0 to 2.7 (incl.)

References

https://lists.gnu.org/archive/html/bug-inetutils/2026-02/msg00000.html
https://git.hadrons.org/cgit/debian/pkgs/inetutils.git/commit/?id=3953943d8296310485f98963883a798545ab9a6c
https://lists.gnu.org/archive/html/bug-inetutils/2026-02/msg00012.html
https://www.openwall.com/lists/oss-security/2026/02/24/1

Problem Types

CWE-829 Inclusion of Functionality from Untrusted Control Sphere CWE