CVE-2025-46803 | THREATINT

Description

The default mode of pseudo terminals (PTYs) allocated by Screen was changed from 0620 to 0622, thereby allowing anyone to write to any Screen PTYs in the system.

PUBLISHED Reserved 2025-04-30 | Published 2025-05-26 | Updated 2025-05-27 | Assigner suse

MEDIUM: 5.0CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

MEDIUM: 5.1CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-276: Incorrect Default Permissions

Product status

Default status

unaffected

5.0 (semver)

affected

Credits

Matthias Gerstner, SUSE finder

References

www.openwall.com/lists/oss-security/2025/05/13/6

www.openwall.com/lists/oss-security/2025/05/12/1 exploit

bugzilla.suse.com/show_bug.cgi?id=CVE-2025-46803

www.openwall.com/lists/oss-security/2025/05/12/1

cve.org (CVE-2025-46803)

nvd.nist.gov (CVE-2025-46803)

Download JSON