Vulnerability-Lookup

CVE-2025-23395 (GCVE-0-2025-23395)

Vulnerability from cvelistv5 – Published: 2025-05-26 15:18 – Updated: 2025-05-27 14:10

Title

Local root exploit via `logfile_reopen()` in screen 5.0.0 with setuid-root bit set

Summary

Screen 5.0.0 when it runs with setuid-root privileges does not drop privileges while operating on a user supplied path. This allows unprivileged users to create files in arbitrary locations with `root` ownership, the invoking user's (real) group ownership and file mode 0644. All data written to the Screen PTY will be logged into this file, allowing to escalate to root privileges

Severity

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.3 (High)


                        
                          CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CWE

CWE-271 - Privilege Dropping / Lowering Errors

Assigner

suse

References

2 references

URL	Tags
https://bugzilla.suse.com/show_bug.cgi?id=CVE-202…
https://www.openwall.com/lists/oss-security/2025/…

Impacted products

1 product

Vendor	Product	Version
		Affected: 5.0 , ≤ 5.0.0 (semver)

Date Public

2025-05-12 15:24

Credits

Matthias Gerstner, SUSE

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-23395",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-27T14:10:26.175851Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-27T14:10:29.258Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://www.openwall.com/lists/oss-security/2025/05/12/1"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://git.savannah.gnu.org/cgit/screen.git",
          "defaultStatus": "unaffected",
          "packageName": "screen",
          "versions": [
            {
              "lessThanOrEqual": "5.0.0",
              "status": "affected",
              "version": "5.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Matthias Gerstner, SUSE"
        }
      ],
      "datePublic": "2025-05-12T15:24:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003eScreen 5.0.0 when it runs with setuid-root privileges does not drop privileges while operating on a user supplied path. This allows unprivileged users to create files in arbitrary locations with `root` ownership, the invoking user\u0027s (real) group ownership and file mode 0644. All data written to the Screen PTY will be logged into this file, allowing to escalate to root privileges\u003c/div\u003e"
            }
          ],
          "value": "Screen 5.0.0 when it runs with setuid-root privileges does not drop privileges while operating on a user supplied path. This allows unprivileged users to create files in arbitrary locations with `root` ownership, the invoking user\u0027s (real) group ownership and file mode 0644. All data written to the Screen PTY will be logged into this file, allowing to escalate to root privileges"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-271",
              "description": "CWE-271: Privilege Dropping / Lowering Errors",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-26T15:18:46.694Z",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-23395"
        },
        {
          "url": "https://www.openwall.com/lists/oss-security/2025/05/12/1"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Local root exploit via `logfile_reopen()` in screen 5.0.0 with setuid-root bit set",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2025-23395",
    "datePublished": "2025-05-26T15:18:46.694Z",
    "dateReserved": "2025-01-15T12:39:03.324Z",
    "dateUpdated": "2025-05-27T14:10:29.258Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-23395",
      "date": "2026-05-26",
      "epss": "0.00066",
      "percentile": "0.203"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-23395\",\"sourceIdentifier\":\"meissner@suse.de\",\"published\":\"2025-05-26T16:15:20.380\",\"lastModified\":\"2025-05-28T15:01:30.720\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Screen 5.0.0 when it runs with setuid-root privileges does not drop privileges while operating on a user supplied path. This allows unprivileged users to create files in arbitrary locations with `root` ownership, the invoking user\u0027s (real) group ownership and file mode 0644. All data written to the Screen PTY will be logged into this file, allowing to escalate to root privileges\"},{\"lang\":\"es\",\"value\":\"Screen 5.0.0, al ejecutarse con privilegios setuid-root, no pierde privilegios al operar en una ruta proporcionada por el usuario. Esto permite a usuarios sin privilegios crear archivos en ubicaciones arbitrarias con propiedad root, la propiedad del grupo (real) del usuario que los invoca y el modo de archivo 0644. Todos los datos escritos en el PTY de Screen se registrar\u00e1n en este archivo, lo que permite escalar a privilegios root.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"meissner@suse.de\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"meissner@suse.de\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"meissner@suse.de\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-271\"}]}],\"references\":[{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-23395\",\"source\":\"meissner@suse.de\"},{\"url\":\"https://www.openwall.com/lists/oss-security/2025/05/12/1\",\"source\":\"meissner@suse.de\"},{\"url\":\"https://www.openwall.com/lists/oss-security/2025/05/12/1\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\"}]}}"
  }
}

BDU:2025-05618

Vulnerability from fstec - Published: 12.05.2025

Title

Уязвимость функции logfile_reopen() терминального мультиплексора GNU screen, позволяющая нарушителю осуществить запись данных в произвольный файл с root-привилегиями

Description

Уязвимость функции logfile_reopen() терминального мультиплексора GNU screen связана с выполнением операции до сброса привилегий. Эксплуатация уязвимости может позволить нарушителю осуществить запись данных в произвольный файл с root-привилегиями

Severity


                    
                      AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Vendor

ООО «Ред Софт», Сообщество свободного программного обеспечения

Software Name

РЕД ОС (запись в едином реестре российских программ №3751), Screen

Software Version

7.3 (РЕД ОС), до 5.0.1 (Screen)

Possible Mitigations

Установка обновлений из доверенных источников. В связи со сложившейся обстановкой и введенными санкциями против Российской Федерации рекомендуется устанавливать обновления программного обеспечения только после оценки всех сопутствующих рисков. Компенсирующие меры: - использование систем обнаружения и предотвращения вторжений для обнаружения (выявления, регистрации) и реагирования на попытки эксплуатации уязвимостей; - минимизация пользовательских привилегий; - отключение/удаление неиспользуемых учётных записей пользователей. Использование рекомендаций: https://git.savannah.gnu.org/cgit/screen.git/commit/?id=e894caeffccdb62f9c644989a936dc7ec83cc747 Для РедОС: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/

Reference

https://git.savannah.gnu.org/cgit/screen.git/commit/?id=e894caeffccdb62f9c644989a936dc7ec83cc747 https://haxx.in/files/limit-your-screentime.sh http://repo.red-soft.ru/redos/7.3c/x86_64/updates/

CWE

CWE-250

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "7.3 (\u0420\u0415\u0414 \u041e\u0421), \u0434\u043e 5.0.1 (Screen)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0438\u0437 \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432. \u0412 \u0441\u0432\u044f\u0437\u0438 \u0441\u043e \u0441\u043b\u043e\u0436\u0438\u0432\u0448\u0435\u0439\u0441\u044f \u043e\u0431\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u043e\u0439 \u0438 \u0432\u0432\u0435\u0434\u0435\u043d\u043d\u044b\u043c\u0438 \u0441\u0430\u043d\u043a\u0446\u0438\u044f\u043c\u0438 \u043f\u0440\u043e\u0442\u0438\u0432 \u0420\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u043e\u0439 \u0424\u0435\u0434\u0435\u0440\u0430\u0446\u0438\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u0441\u043b\u0435 \u043e\u0446\u0435\u043d\u043a\u0438 \u0432\u0441\u0435\u0445 \u0441\u043e\u043f\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u0440\u0438\u0441\u043a\u043e\u0432.\n\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0438 \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0432\u0442\u043e\u0440\u0436\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f (\u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f, \u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0446\u0438\u0438) \u0438 \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0430 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439;\n- \u043c\u0438\u043d\u0438\u043c\u0438\u0437\u0430\u0446\u0438\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439;\n- \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435/\u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u043d\u0435\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0443\u0447\u0451\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://git.savannah.gnu.org/cgit/screen.git/commit/?id=e894caeffccdb62f9c644989a936dc7ec83cc747\n\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421: \nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "12.05.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "12.09.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "16.05.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-05618",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2025-23395",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "\u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), Screen",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 logfile_reopen() \u0442\u0435\u0440\u043c\u0438\u043d\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043c\u0443\u043b\u044c\u0442\u0438\u043f\u043b\u0435\u043a\u0441\u043e\u0440\u0430 GNU screen, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u0437\u0430\u043f\u0438\u0441\u044c \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u0441 root-\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0418\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0441 \u043d\u0435\u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 (CWE-250)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 logfile_reopen() \u0442\u0435\u0440\u043c\u0438\u043d\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043c\u0443\u043b\u044c\u0442\u0438\u043f\u043b\u0435\u043a\u0441\u043e\u0440\u0430 GNU screen \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u0434\u043e \u0441\u0431\u0440\u043e\u0441\u0430 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u0437\u0430\u043f\u0438\u0441\u044c \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u0441 root-\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://git.savannah.gnu.org/cgit/screen.git/commit/?id=e894caeffccdb62f9c644989a936dc7ec83cc747\nhttps://haxx.in/files/limit-your-screentime.sh\nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-250",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,2)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,6)"
}

CNVD-2025-11926

Vulnerability from cnvd - Published: 2025-06-09

Title

Gnu Screen任意文件创建漏洞

Description

Gnu Screen是美国GNU社区的一个应用软件。提供一个物理终端上获得多个虚拟终端的效果。 Gnu Screen存在任意文件创建漏洞，该漏洞源于logfile_reopen函数未正确丢弃权限，目前没有详细的漏洞细节提供。

Severity

中

Formal description

目前厂商尚未发布升级程序修复该安全问题，详情见厂商官网： https://www.gnu.org/

Reference

https://access.redhat.com/security/cve/cve-2025-23395

Impacted products

Name
Gnu Screen 5.0.0

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2025-23395",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2025-23395"
    }
  },
  "description": "Gnu Screen\u662f\u7f8e\u56fdGNU\u793e\u533a\u7684\u4e00\u4e2a\u5e94\u7528\u8f6f\u4ef6\u3002\u63d0\u4f9b\u4e00\u4e2a\u7269\u7406\u7ec8\u7aef\u4e0a\u83b7\u5f97\u591a\u4e2a\u865a\u62df\u7ec8\u7aef\u7684\u6548\u679c\u3002\n\nGnu Screen\u5b58\u5728\u4efb\u610f\u6587\u4ef6\u521b\u5efa\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8elogfile_reopen\u51fd\u6570\u672a\u6b63\u786e\u4e22\u5f03\u6743\u9650\uff0c\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5c1a\u672a\u53d1\u5e03\u5347\u7ea7\u7a0b\u5e8f\u4fee\u590d\u8be5\u5b89\u5168\u95ee\u9898\uff0c\u8be6\u60c5\u89c1\u5382\u5546\u5b98\u7f51\uff1a\r\nhttps://www.gnu.org/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2025-11926",
  "openTime": "2025-06-09",
  "products": {
    "product": "Gnu Screen 5.0.0"
  },
  "referenceLink": "https://access.redhat.com/security/cve/cve-2025-23395",
  "serverity": "\u4e2d",
  "submitTime": "2025-05-28",
  "title": "Gnu Screen\u4efb\u610f\u6587\u4ef6\u521b\u5efa\u6f0f\u6d1e"
}

FKIE_CVE-2025-23395

Vulnerability from fkie_nvd - Published: 2025-05-26 16:15 - Updated: 2026-04-15 00:35

Severity

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	meissner@suse.de	https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-23395
	meissner@suse.de	https://www.openwall.com/lists/oss-security/2025/05/12/1
	134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.openwall.com/lists/oss-security/2025/05/12/1

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Screen 5.0.0 when it runs with setuid-root privileges does not drop privileges while operating on a user supplied path. This allows unprivileged users to create files in arbitrary locations with `root` ownership, the invoking user\u0027s (real) group ownership and file mode 0644. All data written to the Screen PTY will be logged into this file, allowing to escalate to root privileges"
    },
    {
      "lang": "es",
      "value": "Screen 5.0.0, al ejecutarse con privilegios setuid-root, no pierde privilegios al operar en una ruta proporcionada por el usuario. Esto permite a usuarios sin privilegios crear archivos en ubicaciones arbitrarias con propiedad root, la propiedad del grupo (real) del usuario que los invoca y el modo de archivo 0644. Todos los datos escritos en el PTY de Screen se registrar\u00e1n en este archivo, lo que permite escalar a privilegios root."
    }
  ],
  "id": "CVE-2025-23395",
  "lastModified": "2026-04-15T00:35:42.020",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "meissner@suse.de",
        "type": "Secondary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "PRESENT",
          "attackVector": "LOCAL",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 7.3,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "LOW",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "HIGH",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "meissner@suse.de",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-05-26T16:15:20.380",
  "references": [
    {
      "source": "meissner@suse.de",
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-23395"
    },
    {
      "source": "meissner@suse.de",
      "url": "https://www.openwall.com/lists/oss-security/2025/05/12/1"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "url": "https://www.openwall.com/lists/oss-security/2025/05/12/1"
    }
  ],
  "sourceIdentifier": "meissner@suse.de",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-271"
        }
      ],
      "source": "meissner@suse.de",
      "type": "Secondary"
    }
  ]
}

GHSA-84G7-X869-XFGV

Vulnerability from github – Published: 2025-05-26 18:30 – Updated: 2025-05-26 18:30

Details

Screen 5.0.0 when it runs with setuid-root privileges does not drop privileges while operating on a user supplied path. This allows unprivileged users to create files in arbitrary locations with root ownership, the invoking user's (real) group ownership and file mode 0644. All data written to the Screen PTY will be logged into this file, allowing to escalate to root privileges

Severity

7.8 (High)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.3 (High)


                  
                    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-23395"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-271"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-26T16:15:20Z",
    "severity": "HIGH"
  },
  "details": "Screen 5.0.0 when it runs with setuid-root privileges does not drop privileges while operating on a user supplied path. This allows unprivileged users to create files in arbitrary locations with `root` ownership, the invoking user\u0027s (real) group ownership and file mode 0644. All data written to the Screen PTY will be logged into this file, allowing to escalate to root privileges",
  "id": "GHSA-84g7-x869-xfgv",
  "modified": "2025-05-26T18:30:25Z",
  "published": "2025-05-26T18:30:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23395"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-23395"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2025/05/12/1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

WID-SEC-W-2025-1034

Vulnerability from csaf_certbund - Published: 2025-05-13 22:00 - Updated: 2026-02-16 23:00

Summary

screen: Mehrere Schwachstellen

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Screen ist ein Terminalmultiplexer, der es ermöglicht, mehrere Sitzungen innerhalb eines einzigen Terminalfensters zu nutzen.

Angriff: Ein lokaler Angreifer kann mehrere Schwachstellen in screen ausnutzen, um seine Privilegien zu erhöhen, Daten zu manipulieren oder Informationen offenzulegen.

Betroffene Betriebssysteme: - Linux

CVE-2025-23395

Affected products

Known affected 8 products

Product	Identifier	Version
Open Source screen <5.0.1 Open Source / screen		<5.0.1
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Dell PowerScale OneFS Dell	`cpe:/a:dell:powerscale_onefs:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Arch Linux Open Source	`cpe:/o:archlinux:archlinux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—

CVE-2025-46802

Affected products

Known affected 8 products

Product	Identifier	Version
Open Source screen <5.0.1 Open Source / screen		<5.0.1
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Dell PowerScale OneFS Dell	`cpe:/a:dell:powerscale_onefs:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Arch Linux Open Source	`cpe:/o:archlinux:archlinux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—

CVE-2025-46803

Affected products

Known affected 8 products

Product	Identifier	Version
Open Source screen <5.0.1 Open Source / screen		<5.0.1
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Dell PowerScale OneFS Dell	`cpe:/a:dell:powerscale_onefs:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Arch Linux Open Source	`cpe:/o:archlinux:archlinux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—

CVE-2025-46804

Affected products

Known affected 8 products

Product	Identifier	Version
Open Source screen <5.0.1 Open Source / screen		<5.0.1
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Dell PowerScale OneFS Dell	`cpe:/a:dell:powerscale_onefs:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Arch Linux Open Source	`cpe:/o:archlinux:archlinux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—

CVE-2025-46805

Affected products

Known affected 8 products

Product	Identifier	Version
Open Source screen <5.0.1 Open Source / screen		<5.0.1
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Dell PowerScale OneFS Dell	`cpe:/a:dell:powerscale_onefs:-`	—
Ubuntu Linux Ubuntu	`cpe:/o:canonical:ubuntu_linux:-`	—
Open Source Arch Linux Open Source	`cpe:/o:archlinux:archlinux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—

References

24 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://git.savannah.gnu.org/cgit/screen.git/comm…	external
https://git.savannah.gnu.org/cgit/screen.git/comm…	external
https://git.savannah.gnu.org/cgit/screen.git/comm…	external
https://git.savannah.gnu.org/cgit/screen.git/comm…	external
https://git.savannah.gnu.org/cgit/screen.git/comm…	external
https://git.savannah.gnu.org/cgit/screen.git/comm…	external
https://security.archlinux.org/ASA-202505-1	external
https://lists.opensuse.org/archives/list/security…	external
https://alas.aws.amazon.com/AL2/ALAS-2025-2878.html	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://bodhi.fedoraproject.org/updates/FEDORA-20…	external
https://bodhi.fedoraproject.org/updates/FEDORA-EP…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://bodhi.fedoraproject.org/updates/FEDORA-EP…	external
https://bodhi.fedoraproject.org/updates/FEDORA-20…	external
https://bodhi.fedoraproject.org/updates/FEDORA-20…	external
https://alas.aws.amazon.com/AL2/ALAS2-2025-2878.html	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://www.dell.com/support/kbdoc/de-de/00039020…	external
https://ubuntu.com/security/notices/USN-7978-1	external
https://lists.suse.com/pipermail/sle-security-upd…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Screen ist ein Terminalmultiplexer, der es erm\u00f6glicht, mehrere Sitzungen innerhalb eines einzigen Terminalfensters zu nutzen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen in screen ausnutzen, um seine Privilegien zu erh\u00f6hen, Daten zu manipulieren oder Informationen offenzulegen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-1034 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1034.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-1034 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1034"
      },
      {
        "category": "external",
        "summary": "GNU screen Git commit version 5.0.1 vom 2025-05-13",
        "url": "https://git.savannah.gnu.org/cgit/screen.git/commit/?h=screen-v5"
      },
      {
        "category": "external",
        "summary": "GNU screen Git commit CVE-2025-23395 vom 2025-05-13",
        "url": "https://git.savannah.gnu.org/cgit/screen.git/commit/?id=e894caeffccdb62f9c644989a936dc7ec83cc747"
      },
      {
        "category": "external",
        "summary": "GNU screen Git commit CVE-2025-46802 vom 2025-05-13",
        "url": "https://git.savannah.gnu.org/cgit/screen.git/commit/?h=screen-v4\u0026id=049b26b22e197ba3be9c46e5c193032e01a4724a"
      },
      {
        "category": "external",
        "summary": "GNU screen Git commit CVE-2025-46803 vom 2025-05-13",
        "url": "https://git.savannah.gnu.org/cgit/screen.git/commit/?id=d5d7bf43f3842e8b62d5f34eb4b031de7c8098c1"
      },
      {
        "category": "external",
        "summary": "GNU screen Git commit CVE-2025-46804 vom 2025-05-13",
        "url": "https://git.savannah.gnu.org/cgit/screen.git/commit/?h=screen-v4\u0026id=e0eef5aac453fa98a2664416a56c50ad1d00cb30"
      },
      {
        "category": "external",
        "summary": "GNU screen Git commit CVE-2025-46805 vom 2025-05-13",
        "url": "https://git.savannah.gnu.org/cgit/screen.git/commit/?h=screen-v4\u0026id=161f85b98b7e1d5e4893aeed20f4cdb5e3dfaaa4"
      },
      {
        "category": "external",
        "summary": "Arch Linux Security Advisory ASA-202505-1 vom 2025-05-13",
        "url": "https://security.archlinux.org/ASA-202505-1"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2025:15164-1 vom 2025-05-27",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/EHAVZBGPF26QCKDE25CJVWLHNTDLGTXQ/"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2025-2878 vom 2025-06-12",
        "url": "https://alas.aws.amazon.com/AL2/ALAS-2025-2878.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20403-1 vom 2025-06-13",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021519.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02016-1 vom 2025-06-19",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021578.html"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2025-824E33E598 vom 2025-06-26",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-824e33e598"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-EPEL-2025-70302AABFF vom 2025-06-26",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-70302aabff"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20439-1 vom 2025-06-26",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021670.html"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-EPEL-2025-BEEB62AD3C vom 2025-06-30",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-beeb62ad3c"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2025-F055A0D751 vom 2025-06-30",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-f055a0d751"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2025-653690F2F7 vom 2025-06-30",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-653690f2f7"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2-2025-2878 vom 2025-06-30",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2878.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02186-1 vom 2025-07-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021732.html"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2025-381 vom 2025-11-10",
        "url": "https://www.dell.com/support/kbdoc/de-de/000390206/dsa-2025-381-security-update-for-dell-powerscale-onefs-multiple-vulnerabilities"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7978-1 vom 2026-01-27",
        "url": "https://ubuntu.com/security/notices/USN-7978-1"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:20304-1 vom 2026-02-13",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024187.html"
      }
    ],
    "source_lang": "en-US",
    "title": "screen: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-02-16T23:00:00.000+00:00",
      "generator": {
        "date": "2026-02-17T09:26:29.664+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2025-1034",
      "initial_release_date": "2025-05-13T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2025-05-13T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-05-27T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von openSUSE aufgenommen"
        },
        {
          "date": "2025-06-12T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2025-06-15T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-06-19T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-06-25T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Fedora aufgenommen"
        },
        {
          "date": "2025-06-26T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-06-29T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Fedora aufgenommen"
        },
        {
          "date": "2025-06-30T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2025-07-01T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-11-10T23:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Dell aufgenommen"
        },
        {
          "date": "2026-01-26T23:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2026-02-16T23:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von SUSE aufgenommen"
        }
      ],
      "status": "final",
      "version": "13"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Dell PowerScale OneFS",
            "product": {
              "name": "Dell PowerScale OneFS",
              "product_id": "T048394",
              "product_identification_helper": {
                "cpe": "cpe:/a:dell:powerscale_onefs:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Fedora Linux",
            "product": {
              "name": "Fedora Linux",
              "product_id": "74185",
              "product_identification_helper": {
                "cpe": "cpe:/o:fedoraproject:fedora:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Fedora"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Arch Linux",
            "product": {
              "name": "Open Source Arch Linux",
              "product_id": "T013312",
              "product_identification_helper": {
                "cpe": "cpe:/o:archlinux:archlinux:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c5.0.1",
                "product": {
                  "name": "Open Source screen \u003c5.0.1",
                  "product_id": "T043696"
                }
              },
              {
                "category": "product_version",
                "name": "5.0.1",
                "product": {
                  "name": "Open Source screen 5.0.1",
                  "product_id": "T043696-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:gnu:screen:5.0.1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "screen"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "SUSE openSUSE",
            "product": {
              "name": "SUSE openSUSE",
              "product_id": "T027843",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:opensuse:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-23395",
      "product_status": {
        "known_affected": [
          "T043696",
          "T002207",
          "T048394",
          "T000126",
          "T013312",
          "T027843",
          "398363",
          "74185"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-23395"
    },
    {
      "cve": "CVE-2025-46802",
      "product_status": {
        "known_affected": [
          "T043696",
          "T002207",
          "T048394",
          "T000126",
          "T013312",
          "T027843",
          "398363",
          "74185"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-46802"
    },
    {
      "cve": "CVE-2025-46803",
      "product_status": {
        "known_affected": [
          "T043696",
          "T002207",
          "T048394",
          "T000126",
          "T013312",
          "T027843",
          "398363",
          "74185"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-46803"
    },
    {
      "cve": "CVE-2025-46804",
      "product_status": {
        "known_affected": [
          "T043696",
          "T002207",
          "T048394",
          "T000126",
          "T013312",
          "T027843",
          "398363",
          "74185"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-46804"
    },
    {
      "cve": "CVE-2025-46805",
      "product_status": {
        "known_affected": [
          "T043696",
          "T002207",
          "T048394",
          "T000126",
          "T013312",
          "T027843",
          "398363",
          "74185"
        ]
      },
      "release_date": "2025-05-13T22:00:00.000+00:00",
      "title": "CVE-2025-46805"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-23395 (GCVE-0-2025-23395)

BDU:2025-05618

CNVD-2025-11926

FKIE_CVE-2025-23395

GHSA-84G7-X869-XFGV

WID-SEC-W-2025-1034

Tags

Sightings

Nomenclature