Arch Linux Security Advisory Update: Screen Package Vulnerabilities
On May 13, 2025, Arch Linux released an important security advisory (ASA-202505-1) regarding the `screen` package, which is susceptible to multiple vulnerabilities. Users are advised to upgrade their `screen` version to 5.0.0-3 to mitigate these risks.
Summary of Vulnerabilities:
The vulnerabilities primarily affect versions of `screen` prior to 5.0.0-3 and include:
1. CVE-2025-23395 - Privilege Escalation: Unprivileged users can exploit the `logfile_reopen()` function when `screen` operates with setuid-root privileges, allowing them to create files with root ownership.
2. CVE-2025-46802 - Access Restriction Bypass: A race condition arises in the `Attach()` function when the multiattach flag is set, enabling other users to access the caller’s TTY temporarily.
3. CVE-2025-46803 - Access Restriction Bypass: A change in the default permissions of pseudo terminals (PTYs) from 0620 to 0622 permits any user to write to any Screen PTYs.
4. CVE-2025-46804 - Privilege Escalation: An information leak occurs when checking the `SocketPath`, revealing sensitive path data to unprivileged users.
5. CVE-2025-46805 - Denial of Service: Race conditions in signal handling could potentially allow local denial of service or minor integrity violations by sending signals to privileged processes.
Resolution Steps:
To address these vulnerabilities, users must run the following command to upgrade to the secure version:

```
pacman -Syu "screen>=5.0.0-3"
```

While upstream fixes have been made, no new release has been issued yet.
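A quick way to check a host against the conditions this advisory names (package version, setuid bit on the binary, PTY mode), as an added example that is not part of the advisory. The function names and the `--live` switch are illustrative, and the `sort -V` fallback only approximates pacman's version comparison.

```shell
#!/bin/sh
# Added example: exposure check for the conditions named in ASA-202505-1.
FIXED="5.0.0-3"   # fixed package version stated in the advisory

# True if version $1 sorts before $2. Uses pacman's vercmp when installed;
# otherwise GNU sort -V, an approximation that suits pkgver-pkgrel strings.
version_lt() {
    [ "$1" = "$2" ] && return 1
    if command -v vercmp >/dev/null 2>&1; then
        [ "$(vercmp "$1" "$2")" -lt 0 ]
    else
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
    fi
}

# True if an octal mode from `stat -c %a` (e.g. 4755) carries the setuid bit.
mode_setuid() {
    case "$1" in [4-7][0-7][0-7][0-7]) return 0 ;; esac
    return 1
}

# True if the "other" digit of an octal mode has the write bit (622 vs 620).
mode_world_writable() {
    case "$1" in *[2367]) return 0 ;; esac
    return 1
}

# assess VERSION BINARY_MODE [PTY_MODE] -> one finding per line on stdout
assess() {
    if version_lt "$1" "$FIXED"; then
        echo "OUTDATED: screen $1 is older than $FIXED"
        mode_setuid "$2" && echo "SETUID: binary mode $2 (CVE-2025-23395 concerns setuid-root installs)"
    fi
    [ -n "${3:-}" ] && mode_world_writable "$3" && echo "PTY: mode $3 is world-writable (CVE-2025-46803)"
    return 0
}

# Live check on an Arch host: sh check.sh --live
if [ "${1:-}" = "--live" ]; then
    ver=$(pacman -Q screen | awk '{print $2}')
    bin_mode=$(stat -c %a "$(command -v screen)")
    # $STY is set inside a Screen session; only then is our tty a Screen PTY.
    pty_mode=""
    [ -n "${STY:-}" ] && pty_mode=$(stat -c %a "$(tty)")
    assess "$ver" "$bin_mode" "$pty_mode"
fi
```

The setuid check looks only at the mode bits, so confirm separately that the binary is owned by root before treating the `SETUID` line as a finding.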
Impact:
These vulnerabilities allow local unprivileged users to escalate their privileges, posing significant security risks to affected systems.
Additional References:
Users can find further information and details regarding these vulnerabilities through the provided links, including discussions on security mailing lists and commit logs from the `screen` development repository.
Conclusion:
All Arch Linux users utilizing the `screen` package are strongly encouraged to upgrade to the latest version to safeguard their systems against potential attacks stemming from these identified vulnerabilities. Regular updates and vigilance are essential for maintaining system security.
Screen update for Arch Linux
Updated screen packages have been released for Arch Linux:
[ASA-202505-1] screen: multiple issues