CVE-2025-5024
Gnome-remote-desktop: uncontrolled resource consumption due to malformed rdp pdus
A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections, an unauthenticated attacker can exhaust system resources and repeatedly crash the process. There may be a resource leak after many attacks, which will also result in gnome-remote-desktop no longer being able to open files even after it is restarted via systemd.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H
Produtos afetados
Red Hat · Red Hat Enterprise Linux 10Red Hat · Red Hat Enterprise Linux 8Red Hat · Red Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat · Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat · Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-OnRed Hat · Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat · Red Hat Enterprise Linux 8.6 Telecommunications Update ServiceRed Hat · Red Hat Enterprise Linux 8.6 Update Services for SAP SolutionsRed Hat · Red Hat Enterprise Linux 8.8 Telecommunications Update ServiceRed Hat · Red Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRed Hat · Red Hat Enterprise Linux 9Red Hat · Red Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat · Red Hat Enterprise Linux 9.2 Update Services for SAP SolutionsRed Hat · Red Hat Enterprise Linux 9.4 Extended Update SupportRed Hat · Red Hat In-Vehicle Operating System 1Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://access.redhat.com/errata/RHSA-2025:10631https://access.redhat.com/errata/RHSA-2025:10635https://access.redhat.com/errata/RHSA-2025:10742https://access.redhat.com/errata/RHSA-2025:11403https://access.redhat.com/errata/RHSA-2025:11404https://access.redhat.com/errata/RHSA-2025:11405https://access.redhat.com/errata/RHSA-2025:11406https://access.redhat.com/errata/RHSA-2025:11407https://access.redhat.com/errata/RHSA-2025:11408https://access.redhat.com/errata/RHSA-2025:11418https://access.redhat.com/security/cve/CVE-2025-5024https://bugzilla.redhat.com/show_bug.cgi?id=2367717