RLSA-2025:10742

Опубликовано: 29 июл. 2025

Источник: rocky

Оценка: Moderate

Описание

Moderate: gnome-remote-desktop security update

GNOME Remote Desktop is a remote desktop and screen sharing service for the GNOME desktop environment.

Security Fix(es):

gnome-remote-desktop: Uncontrolled Resource Consumption due to Malformed RDP PDUs (CVE-2025-5024)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

Rocky Linux 8

Связанные CVE

CVE-2025-5024

Ссылки на источники

Исправления

https://bugzilla.redhat.com/show_bug.cgi?id=2367717
Red Hat - 2367717

Связанные уязвимости

CVE-2025-5024

CVSS3: 7.4

ubuntu

3 месяца назад

A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections, an unauthenticated attacker can exhaust system resources and repeatedly crash the process. There may be a resource leak after many attacks, which will also result in gnome-remote-desktop no longer being able to open files even after it is restarted via systemd.