Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-46805

Опубликовано: 12 мая 2025
Источник: redhat
CVSS3: 5.5
EPSS Низкий

Описание

Screen version 5.0.0 and older version 4 releases have a TOCTOU race potentially allowing to send SIGHUP, SIGCONT to privileged processes when installed setuid-root.

A flaw was found in Screen. A possible denial of service caused by race conditions when sending signals exists. The CheckPid() function drops privileges to the real user ID and tests whether the kernel can send a signal to the target PID using these credentials. The signal is sent later via Kill(), potentially using full root privileges. By this time, the previously checked PID could have been replaced by a different, privileged process. It might also be possible to trick the privileged Screen daemon process into sending signals to itself since a process is always allowed to send signals to itself.

Отчет

This is a moderate vulnerability because it involves a TOCTOU race condition with limited impact: only SIGCONT and SIGHUP signals can be sent, which do not allow arbitrary code execution or privilege escalation. Exploitation requires precise PID reuse timing, reducing reliability. Although it breaks privilege separation by using root rights after a lower-privileged check, the constrained effect—primarily minor integrity issues or local DoS—limits its severity.

Меры по смягчению последствий

No mitigation is currently available that meets Red Hat Product Security’s standards for usability, deployment, applicability, or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6screenOut of support scope
Red Hat Enterprise Linux 7screenOut of support scope

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-362
https://bugzilla.redhat.com/show_bug.cgi?id=2364203screen: Race Conditions when Sending Signals

EPSS

Процентиль: 2%
0.00015
Низкий

5.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-46805

CVSS3: 5.5
ubuntu
3 месяца назад

Screen version 5.0.0 and older version 4 releases have a TOCTOU race potentially allowing to send SIGHUP, SIGCONT to privileged processes when installed setuid-root.

nvd логотип

CVE-2025-46805

CVSS3: 5.5
nvd
3 месяца назад

Screen version 5.0.0 and older version 4 releases have a TOCTOU race potentially allowing to send SIGHUP, SIGCONT to privileged processes when installed setuid-root.

debian логотип

CVE-2025-46805

CVSS3: 5.5
debian
3 месяца назад

Screen version 5.0.0 and older version 4 releases have a TOCTOU race ...

github логотип

GHSA-v9hv-wgmv-7qj2

CVSS3: 5.5
github
3 месяца назад

Screen version 5.0.0 and older version 4 releases have a TOCTOU race potentially allowing to send SIGHUP, SIGCONT to privileged processes when installed setuid-root.

EPSS

Процентиль: 2%
0.00015
Низкий

5.5 Medium

CVSS3