Updated screen packages fix security vulnerability
Publication date: 13 Mar 2024Modification date: 13 Mar 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-24626
Description
The updated package fixes a security vulnerability: socket.c in GNU Screen through 4.9.0, when installed setuid or setgid (the default on platforms such as Arch Linux and FreeBSD), allows local users to send a privileged SIGHUP signal to any PID, causing a denial of service or disruption of the target process. (CVE-2023-24626)
References
SRPMS
9/core
- screen-4.9.0-4.1.mga9