ALPINE-CVE-2025-46805

See a problem?
Please try reporting it to the source first.

Source

https://security.alpinelinux.org/vuln/CVE-2025-46805

Import Source

https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2025-46805.json

JSON Data

https://api.osv.dev/v1/vulns/ALPINE-CVE-2025-46805

Upstream

CVE-2025-46805

Published

2025-05-26T14:15:20.037Z

Modified

2025-12-03T22:59:20.703450Z

Severity

5.7 (Medium) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVSS Calculator

Summary

[none]

Details

Screen version 5.0.0 and older version 4 releases have a TOCTOU race potentially allowing to send SIGHUP, SIGCONT to privileged processes when installed setuid-root.

References

https://security.alpinelinux.org/vuln/CVE-2025-46805

Affected packages

Alpine:v3.18

screen

Package

Name: screen
Purl: pkg:apk/alpine/screen?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.9.1_git20250512-r0

Affected versions

4.*

4.0.3-r0

4.0.3-r1

4.0.3-r2

4.0.3-r3

4.0.3-r4

4.2.1-r0

4.2.1-r1

4.2.1-r2

4.2.1-r3

4.3.1-r0

4.3.1-r1

4.3.1-r2

4.3.1-r3

4.3.1-r4

4.4.0-r0

4.5.0-r0

4.5.1-r0

4.5.1-r1

4.6.0-r0

4.6.1-r0

4.6.1-r1

4.6.2-r0

4.7.0-r0

4.8.0-r0

4.8.0-r1

4.8.0-r2

4.8.0-r3

4.8.0-r4

4.8.0-r5

4.8.0-r6

4.9.0-r0

4.9.0-r1

4.9.0-r2

4.9.0-r3

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2025-46805.json"

Alpine:v3.19

screen

Package

Name: screen
Purl: pkg:apk/alpine/screen?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.9.1_git20250512-r0

Affected versions

4.*

4.0.3-r0

4.0.3-r1

4.0.3-r2

4.0.3-r3

4.0.3-r4

4.2.1-r0

4.2.1-r1

4.2.1-r2

4.2.1-r3

4.3.1-r0

4.3.1-r1

4.3.1-r2

4.3.1-r3

4.3.1-r4

4.4.0-r0

4.5.0-r0

4.5.1-r0

4.5.1-r1

4.6.0-r0

4.6.1-r0

4.6.1-r1

4.6.2-r0

4.7.0-r0

4.8.0-r0

4.8.0-r1

4.8.0-r2

4.8.0-r3

4.8.0-r4

4.8.0-r5

4.8.0-r6

4.9.0-r0

4.9.0-r1

4.9.0-r2

4.9.0-r3

4.9.0-r4

4.9.0-r5

4.9.1-r0

4.9.1-r1

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2025-46805.json"

Alpine:v3.20

screen

Package

Name: screen
Purl: pkg:apk/alpine/screen?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.9.1_git20250512-r0

Affected versions

4.*

4.0.3-r0

4.0.3-r1

4.0.3-r2

4.0.3-r3

4.0.3-r4

4.2.1-r0

4.2.1-r1

4.2.1-r2

4.2.1-r3

4.3.1-r0

4.3.1-r1

4.3.1-r2

4.3.1-r3

4.3.1-r4

4.4.0-r0

4.5.0-r0

4.5.1-r0

4.5.1-r1

4.6.0-r0

4.6.1-r0

4.6.1-r1

4.6.2-r0

4.7.0-r0

4.8.0-r0

4.8.0-r1

4.8.0-r2

4.8.0-r3

4.8.0-r4

4.8.0-r5

4.8.0-r6

4.9.0-r0

4.9.0-r1

4.9.0-r2

4.9.0-r3

4.9.0-r4

4.9.0-r5

4.9.1-r0

4.9.1-r1

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2025-46805.json"

Alpine:v3.21

screen

Package

Name: screen
Purl: pkg:apk/alpine/screen?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.0.1-r0

Affected versions

4.*

4.0.3-r0

4.0.3-r1

4.0.3-r2

4.0.3-r3

4.0.3-r4

4.2.1-r0

4.2.1-r1

4.2.1-r2

4.2.1-r3

4.3.1-r0

4.3.1-r1

4.3.1-r2

4.3.1-r3

4.3.1-r4

4.4.0-r0

4.5.0-r0

4.5.1-r0

4.5.1-r1

4.6.0-r0

4.6.1-r0

4.6.1-r1

4.6.2-r0

4.7.0-r0

4.8.0-r0

4.8.0-r1

4.8.0-r2

4.8.0-r3

4.8.0-r4

4.8.0-r5

4.8.0-r6

4.9.0-r0

4.9.0-r1

4.9.0-r2

4.9.0-r3

4.9.0-r4

4.9.0-r5

4.9.1-r0

4.9.1-r1

4.9.1-r2

5.*

5.0.0-r0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2025-46805.json"

Alpine:v3.22

screen

Package

Name: screen
Purl: pkg:apk/alpine/screen?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.0.1-r0

Affected versions

4.*

4.0.3-r0

4.0.3-r1

4.0.3-r2

4.0.3-r3

4.0.3-r4

4.2.1-r0

4.2.1-r1

4.2.1-r2

4.2.1-r3

4.3.1-r0

4.3.1-r1

4.3.1-r2

4.3.1-r3

4.3.1-r4

4.4.0-r0

4.5.0-r0

4.5.1-r0

4.5.1-r1

4.6.0-r0

4.6.1-r0

4.6.1-r1

4.6.2-r0

4.7.0-r0

4.8.0-r0

4.8.0-r1

4.8.0-r2

4.8.0-r3

4.8.0-r4

4.8.0-r5

4.8.0-r6

4.9.0-r0

4.9.0-r1

4.9.0-r2

4.9.0-r3

4.9.0-r4

4.9.0-r5

4.9.1-r0

4.9.1-r1

4.9.1-r2

5.*

5.0.0-r0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2025-46805.json"

Alpine:v3.23

screen

Package

Name: screen
Purl: pkg:apk/alpine/screen?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.0.1-r0

Affected versions

4.*

4.0.3-r0

4.0.3-r1

4.0.3-r2

4.0.3-r3

4.0.3-r4

4.2.1-r0

4.2.1-r1

4.2.1-r2

4.2.1-r3

4.3.1-r0

4.3.1-r1

4.3.1-r2

4.3.1-r3

4.3.1-r4

4.4.0-r0

4.5.0-r0

4.5.1-r0

4.5.1-r1

4.6.0-r0

4.6.1-r0

4.6.1-r1

4.6.2-r0

4.7.0-r0

4.8.0-r0

4.8.0-r1

4.8.0-r2

4.8.0-r3

4.8.0-r4

4.8.0-r5

4.8.0-r6

4.9.0-r0

4.9.0-r1

4.9.0-r2

4.9.0-r3

4.9.0-r4

4.9.0-r5

4.9.1-r0

4.9.1-r1

4.9.1-r2

5.*

5.0.0-r0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2025-46805.json"