Alerts This Week
Warning Icon 1 566
Alerts This Week
Warning Icon 1 566

Ubuntu 18.04: 6198-1 Critical: GNU Screen Application Crash

Calendar Jul 03, 2023 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory denial of service critical issue application crash ubuntu gnu screen
GNU Screen could be made to crash applications if it received specially crafted input. 
=========================================================================Ubuntu Security Notice USN-6198-1
July 03, 2023

screen vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)
- Ubuntu 14.04 LTS (Available with Ubuntu Pro)

Summary:

GNU Screen could be made to crash applications if it received specially
crafted input.

Software Description:
- screen: terminal multiplexer with VT100/ANSI terminal emulation

Details:

It was discovered that GNU Screen was not properly checking user
identifiers before sending certain signals to target processes. If GNU
Screen was installed as setuid or setgid, a local attacker could possibly
use this issue to cause a denial of service on a target application.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS (Available with Ubuntu Pro):
   screen                          4.6.2-1ubuntu1.1+esm1

Ubuntu 16.04 LTS (Available with Ubuntu Pro):
   screen                          4.3.1-2ubuntu0.1+esm1

Ubuntu 14.04 LTS (Available with Ubuntu Pro):
   screen 4.1.0~20120320gitdb59704-9ubuntu0.1~esm3

In general, a standard system update will make all the necessary changes.

References:
   https://ubuntu.com/security/notices/USN-6198-1
   CVE-2023-24626

Ubuntu 18.04: 6198-1 Critical: GNU Screen Application Crash

ubuntu
Calendar Grey July 3, 2023
Dist Ubuntu Esm H88
Ubuntu 7102-2 resolves a significant vulnerability in GNU Screen that may lead to program failures. Upgrade promptly to ensure your system's safety.
GNU Screen could be made to crash applications if it received specially crafted input.

Summary

Topics%20covered

Topics Covered

security advisory denial of service critical issue application crash ubuntu gnu screen

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS (Available with Ubuntu Pro):   screen                          4.6.2-1ubuntu1.1+esm1 Ubuntu 16.04 LTS (Available with Ubuntu Pro):   screen                          4.3.1-2ubuntu0.1+esm1 Ubuntu 14.04 LTS (Available with Ubuntu Pro):   screen 4.1.0~20120320gitdb59704-9ubuntu0.1~esm3 In general, a standard system update will make all the necessary changes.

References

  https://ubuntu.com/security/notices/USN-6198-1

  CVE-2023-24626

Severity
critical
Lowest
Low
Medium
High
Critical

July 03, 2023

Topics%20covered

Topics Covered

security advisory denial of service critical issue application crash ubuntu gnu screen

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here