Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2023-24626

socket.c in GNU Screen through 4.9.0, when installed setuid or setgid (the default on platforms such as Arch Linux and FreeBSD), allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target process. (CVE-2023-24626)

Source

ALAS2-2023-2023

Amazon Linux 2 Security Advisory: ALAS-2023-2023
Advisory Release Date: 2023-04-27 18:36 Pacific
Advisory Updated Date: 2023-05-02 19:18 Pacific

Severity: Low

References: CVE-2023-24626
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

socket.c in GNU Screen through 4.9.0, when installed setuid or setgid (the default on platforms such as Arch Linux and FreeBSD), allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target process. (CVE-2023-24626)

Affected Packages:

screen

Issue Correction:
Run yum update screen to update your system.

New Packages:

aarch64:
    screen-4.1.0-0.27.20120314git3c2946.amzn2.0.1.aarch64
    screen-debuginfo-4.1.0-0.27.20120314git3c2946.amzn2.0.1.aarch64

i686:
    screen-4.1.0-0.27.20120314git3c2946.amzn2.0.1.i686
    screen-debuginfo-4.1.0-0.27.20120314git3c2946.amzn2.0.1.i686

src:
    screen-4.1.0-0.27.20120314git3c2946.amzn2.0.1.src

x86_64:
    screen-4.1.0-0.27.20120314git3c2946.amzn2.0.1.x86_64
    screen-debuginfo-4.1.0-0.27.20120314git3c2946.amzn2.0.1.x86_64

Additional References

Red Hat: CVE-2023-24626

Mitre: CVE-2023-24626

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

ALAS2-2023-2023

ALAS2-2023-2023

Additional References

Vulmon Search

About

Products

Connect