CVE-2025-46803
Publication date 8 May 2025
Last updated 3 July 2025
Ubuntu priority
The default mode of pseudo terminals (PTYs) allocated by Screen was changed from 0620 to 0622, thereby allowing anyone to write to any Screen PTYs in the system.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| screen | 25.04 plucky |
Not affected
|
| 24.04 LTS noble |
Not affected
|
|
| 22.04 LTS jammy |
Not affected
|
|
| 20.04 LTS focal |
Not affected
|
|
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial |
Not affected
|
|
| 14.04 LTS trusty |
Not affected
|
Notes
mdeslaur
only 5.0.0 is vulnerable, but older version should explicitly be compiled with the option to force the proper mode as a packaging build improvement. Ubuntu only has older versions, and the recommended option change would only be a build change which should not result in a change in any binary package.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score |
5.0 · Medium
|
| Attack vector | Local |
| Attack complexity | Low |
| Privileges required | Low |
| User interaction | Required |
| Scope | Unchanged |
| Confidentiality | None |
| Integrity impact | High |
| Availability impact | None |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N |