CVE-2025-23395

Name of the Vulnerable Software and Affected Versions Screen versions 5.0.0

Description The issue is related to the logfile reopen() function in the GNU screen terminal multiplexer. When Screen runs with setuid-root privileges, it does not drop privileges while operating on a user-supplied path. This allows unprivileged users to create files in arbitrary locations with root ownership, the invoking user's (real) group ownership, and file mode 0644. All data written to the Screen PTY will be logged into this file, allowing escalation to root privileges.

Recommendations For version 5.0.0, update to version 5.0.1 or later to resolve the issue. As a temporary workaround, consider disabling the logfile reopen() function until a patch is available. Restrict access to the Screen PTY to minimize the risk of exploitation. Avoid using the logfile reopen() function in the affected API endpoint until the issue is resolved.