CVE-2025-46802

Опубликовано: 26 мая 2025

Источник: debian

EPSS Низкий

Описание

For a short time they PTY is set to mode 666, allowing any user on the system to connect to the screen session.

Пакет	Статус	Версия исправления	Релиз	Тип
screen	fixed	4.9.1-3		package

Fixed by: https://git.savannah.gnu.org/cgit/screen.git/commit/?id=049b26b22e197ba3be9c46e5c193032e01a4724a
https://www.openwall.com/lists/oss-security/2025/05/12/1
Has potential to break some reattach use cases, but the specific use case
was broken already before.
screen in Debian not installed setuid or setgid

EPSS

Процентиль: 1%

0.00012

Низкий

CVE-2025-46802

CVSS3: 6

ubuntu

24 дня назад

For a short time they PTY is set to mode 666, allowing any user on the system to connect to the screen session.

CVE-2025-46802

CVSS3: 7.8

redhat

около 1 месяца назад

For a short time they PTY is set to mode 666, allowing any user on the system to connect to the screen session.

CVE-2025-46802

CVSS3: 6

nvd

24 дня назад

For a short time they PTY is set to mode 666, allowing any user on the system to connect to the screen session.

GHSA-rh76-vmrr-w867

CVSS3: 6

github

24 дня назад

For a short time they PTY is set to mode 666, allowing any user on the system to connect to the screen session.

EPSS

Процентиль: 1%

0.00012

Низкий