Published: 08/04/2023 Updated: 19/04/2023

CVSS v3 Base Score: 6.5 | Impact Score: 4 | Exploitability Score: 2

VMScore: 0

socket.c in GNU Screen up to and including 4.9.0, when installed setuid or setgid (the default on platforms such as Arch Linux and FreeBSD), allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target process.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gnu screen

socketc in GNU Screen through 490, when installed setuid or setgid (the default on platforms such as Arch Linux and FreeBSD), allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target process (CVE-2023-24626) ...

DescriptionThe MITRE CVE dictionary describes this issue as: socketc in GNU Screen through 490, when installed setuid or setgid (the default on platforms such as Arch Linux and FreeBSD), allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target process ...

NVD-CWE-noinfo https://git.savannah.gnu.org/cgit/screen.git/patch/?id=e9ad41bfedb4537a6f0de20f00b27c7739f168f7 https://www.exploit-db.com/exploits/51252 https://savannah.gnu.org/bugs/?63195 https://nvd.nist.gov https://alas.aws.amazon.com/AL2/ALAS-2023-2023.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-24626

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect