Описание
Screen version 5.0.0 and older version 4 releases have a TOCTOU race potentially allowing to send SIGHUP, SIGCONT to privileged processes when installed setuid-root.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 4.9.1-3ubuntu1 |
| esm-infra-legacy/trusty | needs-triage | |
| esm-infra/bionic | needs-triage | |
| esm-infra/focal | needs-triage | |
| esm-infra/xenial | needs-triage | |
| focal | ignored | end of standard support, was needs-triage |
| jammy | released | 4.9.0-1ubuntu0.1 |
| noble | released | 4.9.1-1ubuntu1 |
| oracular | ignored | end of life, was needs-triage |
| plucky | ignored | end of life, was needs-triage |
Показывать по
EPSS
5.5 Medium
CVSS3
Связанные уязвимости
Screen version 5.0.0 and older version 4 releases have a TOCTOU race potentially allowing to send SIGHUP, SIGCONT to privileged processes when installed setuid-root.
Screen version 5.0.0 and older version 4 releases have a TOCTOU race potentially allowing to send SIGHUP, SIGCONT to privileged processes when installed setuid-root.
Screen version 5.0.0 and older version 4 releases have a TOCTOU race ...
Screen version 5.0.0 and older version 4 releases have a TOCTOU race potentially allowing to send SIGHUP, SIGCONT to privileged processes when installed setuid-root.
Уязвимость терминального мультиплексора GNU screen, связанная с ошибками синхронизации при использовании общего ресурса («Ситуация гонки»), позволяющая нарушителю повысить привилегии
EPSS
5.5 Medium
CVSS3