Alerts This Week
Warning Icon 1 1,020
Alerts This Week
Warning Icon 1 1,020

Fedora 42: Local Root Exploit and Configuration Update Announcement

fedora
Calendar Grey July 19, 2025
Dist Fedora Esm H88
Fedora 42 release tackles security vulnerabilities and settings adjustments in the screen tool. Prompt upgrade advised.

Update default config options for build

Summary

The screen utility allows you to have multiple logins on just one

terminal. Screen is useful for users who telnet into a machine or are

connected via a dumb terminal, but want to use more than just one

login.

Install the screen package if you need a screen manager that can

support multiple logins on one terminal.

Update Information:

Update default config options for build. New upstream release 5.0.1

Topics%20covered

Topics Covered

security advisory local root exploit fedora screen config update TTY hijacking

Change Log

* Mon Jun 30 2025 Josef Ridky <jridky@redhat.com> - 5.0.1-4 - Modify configuration options to reflect changes in version 5.0.1 * Sat Jun 28 2025 Charles R. Anderson <cra@alum.wpi.edu> - 5.0.1-3 - Add --enable-socket-dir - Resolves: rhbz#2375347 * Wed Jun 25 2025 Josef Ridky <jridky@redhat.com> - 5.0.1-2 - Unify patch name * Thu May 29 2025 Dick Marinus <dick@mrns.nl> - 5.0.1-1 - New upstream release 5.0.1 (#2366507) * Tue Feb 11 2025 Zbigniew J\u0119drzejewski-Szmek <zbyszek@in.waw.pl> - 5.0.0-4 - Add sysusers.d config file to allow rpm to create users/groups automatically * Sat Feb 1 2025 Bjrn Esser <besser82@fedoraproject.org> - 5.0.0-3 - Add explicit BR: libxcrypt-devel

References


[ 1 ] Bug #2362065 - [abrt] screen: strncpy(): screen killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=2362065 [ 2 ] Bug #2366507 - screen-5.0.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2366507 [ 3 ] Bug #2367169 - Backport to F42: Add sysusers.d config file to allow rpm to create users/groups automatically https://bugzilla.redhat.com/show_bug.cgi?id=2367169 [ 4 ] Bug #2368500 - CVE-2025-46803 screen: Screen by Default Creates World Writable PTYs [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2368500 [ 5 ] Bug #2368501 - CVE-2025-46803 screen: Screen by Default Creates World Writable PTYs [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2368501 [ 6 ] Bug #2368503 - CVE-2025-46802 screen: TTY Hijacking while Attaching to a Multiuser Session [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2368503 [ 7 ] Bug #2368504 - CVE-2025-46802 screen: TTY Hijacking while...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-f055a0d751' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: screen
Product: Fedora 42
Version: 5.0.1
Release: 4.fc42
URL: http://www.gnu.org/software/screen
Summary: A screen manager that supports multiple logins on one terminal

Topics%20covered

Topics Covered

security advisory local root exploit fedora screen config update TTY hijacking

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here