Lucene search

K
rosalinuxROSA LABROSA-SA-2023-2249
HistoryOct 21, 2023 - 1:15 p.m.

Advisory ROSA-SA-2023-2249

2023-10-2113:15:43
ROSA LAB
abf.rosalinux.ru
8
xrdp server
remote execution
arbitrary code
unauthorized access
update
buffer overflow
denial of service

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.6%

software: xrdp 0.9.22.1
OS: ROSA-CHROME

package_evr_string: xrdp-0.9.22.1-1.src.rpm

CVE-ID: CVE-2022-23468
BDU-ID: 2022-07312
CVE-Crit: CRITICAL
CVE-DESC.: A vulnerability in the xrdp_login_wnd_create() function of the XRDP server involves buffer copying without checking the size of the input data. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update xrdp

CVE-ID: CVE-2022-23477
BDU-ID: 2022-07224
CVE-Crit: CRITICAL.
CVE-DESC.: A vulnerability in the audin_send_open function of the xrdp server is related to the possibility of a stacked buffer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to a remote machine
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update xrdp

CVE-ID: CVE-2022-23478
BDU-ID: 2022-07225
CVE-Crit: CRITICAL.
CVE-DESC.: A vulnerability in the xrdp_mm_trans_process_drdynvc_channel_open function of the XRDP server is related to the ability to write outside of a buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to a remote machine
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update xrdp

CVE-ID: CVE-2022-23479
BDU-ID: 2022-07309
CVE-Crit: CRITICAL.
CVE-DESC.: A vulnerability in the xrdp_mm_chan_data_in() function of the XRDP server is related to buffer copying without checking the size of the input data. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update xrdp

CVE-ID: CVE-2022-23480
BDU-ID: 2022-07306
CVE-Crit: CRITICAL.
CVE-DESC.: A vulnerability in the devredir_proc_client_devlist_announce_req() function of the XRDP server is related to buffer copying without checking the size of the input data. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update xrdp

CVE-ID: CVE-2022-23481
BDU-ID: 2022-07313
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the xrdp_caps_process_confirm_active() function of the XRDP server involves reading beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information or cause a denial of service
CVE-STATUS: Fixed
CVE-REV: To close, run command: sudo dnf update xrdp

CVE-ID: CVE-2022-23482
BDU-ID: 2022-07311
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the xrdp_sec_process_mcs_data_CS_CORE() function of the XRDP server involves reading beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information or cause a denial-of-service condition
CVE-STATUS: Fixed
CVE-REV: To close, run command: sudo dnf update xrdp

CVE-ID: CVE-2022-23483
BDU-ID: 2022-07308
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the libxrdp_send_to_channel() function of the XRDP server is related to reading beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update xrdp

CVE-ID: CVE-2022-23484
BDU-ID: 2022-07307
CVE-Crit: CRITICAL.
CVE-DESC.: A vulnerability in the xrdp_mm_process_rail_update_window_text() function of the XRDP server involves an integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code
CVE-STATUS: Resolved
CVE-REV: To close, run the command: sudo dnf update xrdp

CVE-ID: CVE-2022-23493
BDU-ID: 2022-07310
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the xrdp_mm_trans_process_drdynvc_channel_close() function of the XRDP server is related to reading beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information or cause denial of service
CVE-STATUS: Fixed
CVE-REV: To close, run command: sudo dnf update xrdp

OSVersionArchitecturePackageVersionFilename
ROSAanynoarchxrdp< 0.9.22.1UNKNOWN

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.6%