Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2025:9307

Опубликовано: 03 окт. 2025
Источник: rocky
Оценка: Moderate

Описание

Moderate: freerdp security update

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.

Security Fix(es):

  • gnome-remote-desktop: freerdp: Unauthenticated RDP Packet Causes Segfault in FreeRDP Leading to Denial of Service (CVE-2025-4478)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 10

НаименованиеАрхитектураРелизRPM
freerdpx86_643.el10_0freerdp-3.10.3-3.el10_0.x86_64.rpm
freerdp-libsx86_643.el10_0freerdp-libs-3.10.3-3.el10_0.x86_64.rpm
libwinprx86_643.el10_0libwinpr-3.10.3-3.el10_0.x86_64.rpm

Показывать по

Связанные CVE

CVE-2025-4478

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2025-4478

CVSS3: 7.1
ubuntu
6 месяцев назад

A flaw was found in the FreeRDP used by Anaconda's remote install feature, where a crafted RDP packet could trigger a segmentation fault. This issue causes the service to crash and remain defunct, resulting in a denial of service. It occurs pre-boot and is likely due to a NULL pointer dereference. Rebooting is required to recover the system.

redhat логотип

CVE-2025-4478

CVSS3: 7.1
redhat
6 месяцев назад

A flaw was found in the FreeRDP used by Anaconda's remote install feature, where a crafted RDP packet could trigger a segmentation fault. This issue causes the service to crash and remain defunct, resulting in a denial of service. It occurs pre-boot and is likely due to a NULL pointer dereference. Rebooting is required to recover the system.

nvd логотип

CVE-2025-4478

CVSS3: 7.1
nvd
6 месяцев назад

A flaw was found in the FreeRDP used by Anaconda's remote install feature, where a crafted RDP packet could trigger a segmentation fault. This issue causes the service to crash and remain defunct, resulting in a denial of service. It occurs pre-boot and is likely due to a NULL pointer dereference. Rebooting is required to recover the system.

debian логотип

CVE-2025-4478

CVSS3: 7.1
debian
6 месяцев назад

A flaw was found in the FreeRDP used by Anaconda's remote install feat ...

github логотип

GHSA-3p57-rq4q-233x

CVSS3: 7.1
github
6 месяцев назад

A flaw was found in the gnome-remote-desktop used by Anaconda's remote install feature, where a crafted RDP packet could trigger a segmentation fault. This issue causes the service to crash and remain defunct, resulting in a denial of service. It occurs pre-boot and is likely due to a NULL pointer dereference. Rebooting is required to recover the system.