Are you using the GNU Screen terminal multiplexer? If so, there is important news for you! A new version, GNU Screen 5.0.1, has just been released. This isn't a release with fancy new features. Instead, it's a critical security fix release.
GNU Screen is a popular terminal multiplexer or window manager that allows you to manage multiple terminal sessions in Linux or Unix systems. It's great because it lets your programs keep running even if you disconnect from your computer.
Why You Should Update GNU Screen Now
Recently, some security experts from the SUSE Security Team took a close look at the Screen program. They found several security problems in GNU Screen. The good news is that the new Screen 5.0.1 version fixes these problems.
Some of these issues were found in the newer Screen 5.0.0 version (which came out in August 2024), while others have been present in older versions like 4.9.1 for a long time.
What Kind of Problems Were Fixed in GNU Screen 5.0.1?
The SUSE security team found a few different types of issues:
- Serious Control Problem (Local Root Exploit): In Screen version 5.0.0, if it was set up to run with special, powerful system permissions (called setuid-root), a regular user could potentially use a flaw related to how screen handles log files to gain full control of the system, like the administrator (root). This was a major find. This issue is tracked as CVE-2025-23395.
- Terminal Hijacking Risks: When connecting to shared Screen sessions, a temporary change in how Screen handles terminal permissions could allow another user to spy on what you type or even inject commands into your terminal session for a short time. This issue is called CVE-2025-46802. This problem has been around in Screen for a long time, since at least 2005.
- Default Permissions Issue: The Screen 5.0.0 version changed its default setup to make new virtual terminals (PTYs) writable by everyone on the system by default. This could lead to some of the same problems as the hijacking issue. This was likely not intended and is tracked as CVE-2025-46803.
- Small Information Leak: Under specific conditions, if Screen was running with those special setuid-root permissions, it was possible for a user to figure out if certain files or folders existed on the system, even if they shouldn't normally have that information. This is tracked as CVE-2025-46804.
- Timing Issues: There were potential timing problems that could allow attackers to interfere with signals sent to programs, potentially causing programs to stop or misbehave. This is tracked as CVE-2025-46805.
The 5.0.1 update includes fixes for all these security concerns. It also fixes a bug in version 5.0.0 that could cause Screen to crash when sending commands.
Who Might Be Affected?
The most serious issues, like the local root exploit (CVE-2025-23395), only affected systems where Screen 5.0.0 was installed to run with the special setuid-root permissions.
While many Linux systems don't set up Screen this way, some do, including Arch Linux and NetBSD. FreeBSD also installs Screen setuid-root, but was still on version 4.9.1. Gentoo Linux can be set up with setuid-root permissions optionally.
However, some of the other issues (CVE-2025-46802, CVE-2025-46804, CVE-2025-46805) affected Screen versions 5.0.0 and older ones like 4.9.1 when running setuid-root.
A "lighter" version of the terminal hijacking issue (CVE-2025-46802) even affects Screen when not setuid-root, if a user attempts to join a multi-user session they own.
The unsafe default PTY mode (CVE-2025-46803) affected Arch Linux and NetBSD running 5.0.0.
What You Should Do Now
The best thing to do is update to GNU Screen 5.0.1 as soon as possible.
If your operating system distribution (like Ubuntu, Debian, Fedora, etc.) provides an update for Screen, use their update system to get the new version. This is usually the easiest and safest way to update your software.
Debian/Ubuntu-based Distributions:
sudo apt update
sudo apt upgrade screen
Fedora/Red Hat:
# For Fedora/RHEL
sudo dnf update screen
# For older RHEL/CentOS with yum
sudo yum update screen
Arch Linux:
sudo pacman -Syu screen
openSUSE:
sudo zypper update screen
Gentoo:
sudo emerge --sync
sudo emerge --update screen
Alpine Linux:
sudo apk update
sudo apk upgrade screen
If you build Screen from the source code, you can find the official 5.0.1 release files available for download.
After updating, you can verify the installation with:
screen --version
To take advantage of the new version, you may need to restart any running screen sessions. You can list your current sessions with screen -ls and reattach to them with screen -r [session-id].
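The two facts that decide how exposed a host is, according to the "Who Might Be Affected?" section above, are the installed Screen version and whether the binary is installed setuid-root. The following POSIX shell script is an added example, not code from the article or from the GNU Screen project: it reads `screen --version`, checks the setuid bit and root ownership with portable `find` tests, and maps the result onto the exposure classes the article describes. It assumes Screen prints its version in the form `Screen version X.YY.ZZ (GNU) date` (for example `5.00.01` for 5.0.1), and the exposure classes are a summary of this article's statements, not an official matrix.

```shell
#!/bin/sh
# Added example (not from the article): audit one host for Screen version
# and setuid-root installation, then name the exposure class described above.

FIXED_VERSION="5.0.1"   # first release carrying the fixes for all five CVEs

# Normalise a "Screen version 5.00.01 (GNU) 12-May-25" line to "5.0.1".
# Assumption: the version is the third whitespace-separated field.
parse_screen_version() {
    printf '%s\n' "$1" | awk '{
        split($3, p, ".")
        printf "%d.%d.%d\n", p[1], p[2], p[3]
    }'
}

# Numeric dotted-version compare; returns 0 (true) when $1 >= $2.
version_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        split(a, x, "."); split(b, y, ".")
        for (i = 1; i <= 3; i++) {
            if (x[i] + 0 > y[i] + 0) exit 0
            if (x[i] + 0 < y[i] + 0) exit 1
        }
        exit 0
    }'
}

# True when the given version line is at or past the fix release.
version_is_fixed() {
    version_ge "$(parse_screen_version "$1")" "$FIXED_VERSION"
}

# True when the file is setuid and owned by root. Uses POSIX find
# predicates so it works without GNU stat (-prune stops any recursion).
is_setuid_root() {
    [ -n "$(find "$1" -prune -user root -perm -4000 -print 2>/dev/null)" ]
}

# Map (version line, setuid yes/no) to the exposure classes the article lists:
#   fixed               5.0.1 or later
#   setuid-root-5.0.0   CVE-2025-23395 local root, plus CVE-2025-46802/46803/
#                       46804/46805
#   setuid-root-older   CVE-2025-46802, CVE-2025-46804, CVE-2025-46805
#                       (e.g. 4.9.1 installed setuid-root)
#   non-setuid          only the lighter form of CVE-2025-46802 when joining
#                       a multi-user session you own
classify_host() {
    ver=$(parse_screen_version "$1")
    if version_ge "$ver" "$FIXED_VERSION"; then
        echo fixed
    elif [ "$2" = yes ] && version_ge "$ver" "5.0.0"; then
        echo setuid-root-5.0.0
    elif [ "$2" = yes ]; then
        echo setuid-root-older
    else
        echo non-setuid
    fi
}

# Run the audit against the screen binary on PATH, if any.
main() {
    bin=$(command -v screen) || { echo "screen: not installed"; return 0; }
    line=$("$bin" --version 2>/dev/null) || line=""
    if is_setuid_root "$bin"; then setuid=yes; else setuid=no; fi
    echo "binary:      $bin"
    echo "version:     $(parse_screen_version "$line")"
    echo "setuid-root: $setuid"
    echo "exposure:    $(classify_host "$line" "$setuid")"
}

main "$@"
```

Run it on each host before and after the package update; a result other than `fixed` on a host reporting `setuid-root: yes` is the case the article flags as most urgent. Because the checks are pure functions of the version line and the binary's mode bits, the same script can be fed `screen --version` output collected from remote hosts.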
For more details about GNU Screen usage, refer to the following guide:
