1. Forum
  2. tqwNet
  3. TQW LINUX

  • Multiple security issues in Screen

    From LWN.net@1337:1/100 to All on Monday, May 12, 2025 22:00:08
    Multiple security issues in Screen

    Date:
    Mon, 12 May 2025 20:58:56 +0000

    Description:
    The SUSE Security Team has published an article detailing several security issues it has uncovered with GNU Screen . This includes
    a local root exploit when Screen is shipped setuid-root, as it is in
    some Linux and BSD distributions. The security team also reports problems
    in coordinating disclosure with the upstream Screen project. We are not satisfied with how this coordinated disclosure developed,
    and we will try to be more attentive to such problematic situations
    early on in the future. This experience also sheds light on the
    overall situation of Screen upstream. It looks like it suffers from a
    lack of manpower and expertise, which is worrying for such a
    widespread open source utility. We hope this publication can help to
    draw attention to this and to improve this situation in the future. The article includes a table of operating systems, screen versions, and which vulnerabilities they
    may be affected by.

    ======================================================================
    Link to news story:
    https://lwn.net/Articles/1020901/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet UK HUB @ hub.uk.erb.pw (1337:1/100)