CVE-2023-42822 — Out-of-bounds Read in Xrdp

CWE-125 — Out-of-bounds Read6 documents5 sources

Severity

6.5MEDIUMNVD

CNA4.6OSV9.8

EPSS

0.3%

top 43.50%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Neutrinolabs Xrdp Fedoraproject Fedora

Timeline

PublishedSep 27

Latest updateNov 8

Description

xrdp is an open source remote desktop protocol server. Access to the font glyphs in xrdp_painter.c is not bounds-checked . Since some of this data is controllable by the user, this can result in an out-of-bounds read within the xrdp executable. The vulnerability allows an out-of-bounds read within a potentially privileged process. On non-Debian platforms, xrdp tends to run as root. Potentially an out-of-bounds write can follow the out-of-bounds read. There is no denial-of-service impact, providi…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages4 packages

▶CVEListV5neutrinolabs/xrdp< 0.9.23.1

▶NVDneutrinolabs/xrdp< 0.9.23.1

▶Debianneutrinolabs/xrdp< 0.9.21.1-1~deb11u2+3

▶Ubuntuneutrinolabs/xrdp< 0.6.0-1ubuntu0.1+esm3+4

Also affects: Fedora 37, 38

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

OSV

xrdp vulnerabilities↗2023-11-08

▶

OSV

CVE-2023-42822: xrdp is an open source remote desktop protocol server↗2023-09-27

▶

CVEList

Unchecked access to font glyph info in xrdp↗2023-09-27

▶

📋Vendor Advisories

Ubuntu

xrdp vulnerabilities↗2023-11-08

▶

Debian

CVE-2023-42822: xrdp - xrdp is an open source remote desktop protocol server. Access to the font glyphs...↗2023

▶