CVE-2025-46803: 
Linux Red Hat vulnerability analysis and mitigation

A security vulnerability (CVE-2025-46803) was discovered in GNU Screen version 5.0.0 where the default mode of pseudo terminals (PTYs) allocated by Screen was changed from 0620 to 0622. The issue was identified during a security audit by the SUSE Security Team and disclosed on May 13, 2025. This change occurred when the configure.ac file was rewritten in Screen version 5.0.0, dropping the previous safe default mode (OpenWall Report).

The vulnerability stems from a modification in the default PTY mode settings during a configure.ac file rewrite. The previous safe default of 0620 was replaced with 0622, which allows anyone to write to any Screen PTYs in the system. The CVSS v3.1 Base Score is 5.0 (MEDIUM) with vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N. The CVSS v4.0 score is 5.1 (MEDIUM) with vector string CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N (NVD Database).

The vulnerability allows unauthorized users to write to any Screen PTYs in the system, potentially leading to command injection or manipulation of terminal sessions. While this vulnerability doesn't include information leak aspects, it presents significant security risks for multi-user systems, particularly impacting systems where Screen is installed with default configurations (Wiz Security).

The recommended fix is to restore the safe default PTY mode in the configure.ac script to 0620. Package maintainers are advised to explicitly pass the configure switch --with-pty-mode=0620 to make this choice explicit, even on older releases of Screen. For affected systems, administrators should recompile Screen with the correct PTY mode settings (OpenWall Report).