Astra Linux – Vulnerability in xrdp

XRDPTRP is an open-source remote desktop protocol server. Access to the font glyphs in xrdppainter.c is not bounded. Since some of this data is controllable by the user, this can lead to an out-of-bounds read within the xrdp executable. The vulnerability allows for an out-of-bounds read within a...

Astra Linux – Vulnerability in xrdp

XRDPT is an open-source remote desktop protocol RDP server. In affected versions, an integer underflow leading to a heap overflow in the SESMAN server allows any unauthenticated attacker who can access the SESMAN server locally to execute code as root. This vulnerability has been patched in versi...

Astra Linux – Vulnerability in xrdp

xrdp is an open-source project that provides a graphical login to remote machines using the Microsoft Remote Desktop Protocol RDP. xrdp versions prior to 0.9.21 contain a “Out of Bound Read” issue in the libxrdpsendtochannel function. There are no known solutions to this problem. Users are advise...

Astra Linux – Vulnerability in xrdp

xrdp is an open-source project that provides a graphical login to remote machines using the Microsoft Remote Desktop Protocol RDP. xrdp versions prior to 0.9.21 contain a “Out of Bound Read” vulnerability in the xrdpsecprocessmcsdataCSCORE function. There are no known workarounds for this issue...

Astra Linux – Vulnerability in xrdp

xrdp is an open-source project that provides a graphical login to remote machines using the Microsoft Remote Desktop Protocol RDP. xrdp v0.9.21 contains a “Out of Bound Read” issue in the xrdpmmtransprocessdrdynvcchannelclose function. There are no known solutions to this problem. Users are advis...

Fedora 43 : xrdp (2026-8aeca78af9)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-8aeca78af9 advisory. Close TCP socket in default configuration, because we want just Unix domain socket connections to Xvnc. Tenable has extracted the preceding description block...

Fedora 44 : xrdp (2026-9a3a98bc24)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-9a3a98bc24 advisory. Close TCP socket in default configuration, because we want just Unix domain socket connections to Xvnc. Tenable has extracted the preceding description block...

Astra Linux – Vulnerability in xrdp

xrdp is an open-source project that provides a graphical login to remote machines using the Microsoft Remote Desktop Protocol RDP. xrdp v0.9.21 contains an out-of-bound read vulnerability in the xrdpcapsprocessconfirm-active function. There are no known workarounds for this issue. Users are advis...

Astra Linux - уязвимость в xrdp

xrdp is an open-source project that provides a graphical login to remote machines using the Microsoft Remote Desktop Protocol RDP. Version 0.9.21 and earlier of xrdp contains a buffer overflow in the devredirprocclientdevlistannouncereq function. There are no known workarounds for this issue. Use...

CVE-2025-68670: discovering an RCE vulnerability in xrdp

In addition to KasperskyOS-powered solutions, Kaspersky offers various utility software to streamline business operations. For instance, users of Kaspersky Thin Client, an operating system for thin clients, can also purchase Kaspersky USB Redirector, a module that expands the capabilities of the...

Astra Linux – Vulnerability in xrdp

XRDPT is an open-source remote desktop protocol RDP server. In versions prior to 0.9.23, improper handling of session establishment errors allowed bypassing OS-level session restrictions. The authstartsession function could return a non-zero value 1 in the event of, for example, PAM errors. This...

Astra Linux – Vulnerability in xrdp

xrdp is an open-source project that provides a graphical login to remote machines using the Microsoft Remote Desktop Protocol RDP. xrdp versions prior to 0.9.21 contain a bug in the xrdpmmtransprocessdrdynvcchannelopen function. There are no known solutions to this issue. Users are advised to...

Astra Linux – Vulnerability in xrdp

xrdp is an open-source project that provides a graphical login interface to remote machines using the Microsoft Remote Desktop Protocol RDP. Version 0.9.21 and earlier of xrdp contain an integer overflow in the xrdpmmprocessrailupdatewindowtext function. There are no known solutions to this issue...

Astra Linux – Vulnerability in xrdp

xrdp is an open-source project that provides a graphical login to remote machines using the Microsoft Remote Desktop Protocol RDP. xrdp versions prior to 0.9.21 contain a buffer overflow in the audinsendopen function. There are no known workarounds for this issue. Users are advised to upgrade...

Astra Linux – Vulnerability in xrdp

xrdp is an open-source project that provides a graphical login interface for accessing remote machines using the Microsoft Remote Desktop Protocol RDP. Version 0.9.21 and earlier of xrdp contains a buffer overflow in the xrdploginwndcreate function. There are no known solutions to this issue. Use...

Astra Linux – Vulnerability in xrdp

xrdp is an open-source project that provides a graphical login to remote machines using the Microsoft Remote Desktop Protocol RDP. xrdp versions prior to 0.9.21 contain a buffer overflow in the xrdpmmchandatain function. There are no known workarounds for this issue. Users are advised to upgrade...

[SECURITY] Fedora 44 Update: xrdp-0.10.6-1.fc44

xrdp provides a fully functional RDP server compatible with a wide range of RDP clients, including FreeRDP and Microsoft RDP client...

Fedora 44 : xrdp (2026-ad9e109ad8)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-ad9e109ad8 advisory. Security fixes - CVE-2026-32105 - CVE-2026-32107 - CVE-2026-32623 - CVE-2026-32624 - CVE-2026-33145 - CVE-2026-33516 - CVE-2026-33689 - CVE-2026-355...

Fedora 42 : xrdp (2026-f04c228c78)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-f04c228c78 advisory. Security fixes - CVE-2026-32105 - CVE-2026-32107 - CVE-2026-32623 - CVE-2026-32624 - CVE-2026-33145 - CVE-2026-33516 - CVE-2026-33689 - CVE-2026-355...

Fedora 43 : xrdp (2026-9417ff0bc5)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9417ff0bc5 advisory. Security fixes - CVE-2026-32105 - CVE-2026-32107 - CVE-2026-32623 - CVE-2026-32624 - CVE-2026-33145 - CVE-2026-33516 - CVE-2026-33689 - CVE-2026-355...