Описание
A flaw was found in the FreeRDP used by Anaconda's remote install feature, where a crafted RDP packet could trigger a segmentation fault. This issue causes the service to crash and remain defunct, resulting in a denial of service. It occurs pre-boot and is likely due to a NULL pointer dereference. Rebooting is required to recover the system.
Отчет
The severity of this issue is assessed as moderate rather than high, primarily because successful exploitation requires the remote installation feature to be explicitly enabled by the system administrator a non-default configuration in most RHEL deployments. The vulnerability arises during a pre-boot phase where a crafted RDP packet can trigger a segmentation fault in gnome-remote-desktop via FreeRDP, leading to a denial of service. While impactful, this scenario is limited to specific use cases, such as unattended remote installations, and does not result in privilege escalation or arbitrary code execution. Furthermore, the flaw appears to stem from a null-pointer dereference, which generally results in a crash without introducing broader system compromise. The attack requires network access to the installer at a precise phase of its operation and is constrained by the need for a custom setup (e.g., RDP-based installs). As such, while the vulnerability does impact system availability under targeted conditions, its exploitability is restricted by environmental requirements and lack of persistence post-reboot, thereby reducing its overall risk profile compared to vulnerabilities that enable remote code execution or affect default system behavior.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | freerdp | Affected | ||
| Red Hat Enterprise Linux 8 | freerdp | Not affected | ||
| Red Hat Enterprise Linux 9 | freerdp | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
7.1 High
CVSS3
Связанные уязвимости
A flaw was found in the FreeRDP used by Anaconda's remote install feature, where a crafted RDP packet could trigger a segmentation fault. This issue causes the service to crash and remain defunct, resulting in a denial of service. It occurs pre-boot and is likely due to a NULL pointer dereference. Rebooting is required to recover the system.
A flaw was found in the FreeRDP used by Anaconda's remote install feature, where a crafted RDP packet could trigger a segmentation fault. This issue causes the service to crash and remain defunct, resulting in a denial of service. It occurs pre-boot and is likely due to a NULL pointer dereference. Rebooting is required to recover the system.
A flaw was found in the FreeRDP used by Anaconda's remote install feat ...
A flaw was found in the gnome-remote-desktop used by Anaconda's remote install feature, where a crafted RDP packet could trigger a segmentation fault. This issue causes the service to crash and remain defunct, resulting in a denial of service. It occurs pre-boot and is likely due to a NULL pointer dereference. Rebooting is required to recover the system.
EPSS
7.1 High
CVSS3