Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-46802

Опубликовано: 13 мая 2025
Источник: redhat
CVSS3: 7.8
EPSS Низкий

Описание

For a short time they PTY is set to mode 666, allowing any user on the system to connect to the screen session.

A flaw was found in Screen, allowing TTY hijacking during attachment to a multiuser session. The issue with this temporary TTY mode change is that it introduces a race condition that allows any other user in the system to open the caller's TTY for reading and writing for a small period of time.

Отчет

This vulnerability is an Important local privilege escalation vector rather than a mere moderate flaw due to its exploitation potential during the short-lived but dangerously permissive window created by chmod(attach_tty, 0666). Even though the exposure of the TTY permissions may appear transient, this window allows attackers with local access to reliably read and inject arbitrary data into the victim’s TTY, including sensitive inputs like passwords or session-specific commands. The race condition inherent in the Attach() function’s logic multiplies the risk since TTY access for the duration of this window can be repeatedly attempted and exploited with high success rates. Furthermore, this vulnerability bypasses the usual privilege separation model of multi-user systems by enabling an unprivileged attacker to subvert the victim’s TTY in ways that can directly compromise the user’s session integrity and lead to further exploitation, such as terminal escape attacks or sophisticated phishing scenarios.

Меры по смягчению последствий

No mitigation is currently available that meets Red Hat Product Security’s standards for usability, deployment, applicability, or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6screenOut of support scope
Red Hat Enterprise Linux 7screenOut of support scope

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
Дефект:
CWE-362
https://bugzilla.redhat.com/show_bug.cgi?id=2364199screen: TTY Hijacking while Attaching to a Multiuser Session

EPSS

Процентиль: 1%
0.00012
Низкий

7.8 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-46802

CVSS3: 6
ubuntu
24 дня назад

For a short time they PTY is set to mode 666, allowing any user on the system to connect to the screen session.

nvd логотип

CVE-2025-46802

CVSS3: 6
nvd
24 дня назад

For a short time they PTY is set to mode 666, allowing any user on the system to connect to the screen session.

debian логотип

CVE-2025-46802

CVSS3: 6
debian
24 дня назад

For a short time they PTY is set to mode 666, allowing any user on the ...

github логотип

GHSA-rh76-vmrr-w867

CVSS3: 6
github
24 дня назад

For a short time they PTY is set to mode 666, allowing any user on the system to connect to the screen session.

EPSS

Процентиль: 1%
0.00012
Низкий

7.8 High

CVSS3