ALT Linux Team

Package screen update in sisyphus_loongarch64 on 2025-05-14

ALT-PU-2025-6800-1

Package screen updated to version 4.9.1-alt2 for branch sisyphus_loongarch64.

Closed vulnerabilities

Published: 2025-05-26
Modified: 2025-05-27

CVE-2025-46802

For a short time they PTY is set to mode 666, allowing any user on the system to connect to the screen session.

References:
Published: 2025-05-26
Modified: 2025-05-27

CVE-2025-46804

A minor information leak when running Screen with setuid-root privileges allows unprivileged users to deduce information about a path that would otherwise not be available. Affected are older Screen versions, as well as version 5.0.0.

References:
Published: 2025-05-26

CVE-2025-46805

Screen version 5.0.0 and older version 4 releases have a TOCTOU race potentially allowing to send SIGHUP, SIGCONT to privileged processes when installed setuid-root.

References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.1
Back to top