Advisories ยป MGASA-2024-0057

Updated screen packages fix security vulnerability

Publication date: 13 Mar 2024
Modification date: 13 Mar 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-24626


The updated package fixes a security vulnerability:
socket.c in GNU Screen through 4.9.0, when installed setuid or setgid
(the default on platforms such as Arch Linux and FreeBSD), allows local
users to send a privileged SIGHUP signal to any PID, causing a denial of
service or disruption of the target process. (CVE-2023-24626)