SUSE-SU-2023:4873-1

Published: 14 Dec 2023
Source: suse-cvrf

Description

Security update for xrdp

This update for xrdp fixes the following issues:

  • CVE-2023-42822: Fixed unchecked access to font glyph info (bsc#1215803).
  • CVE-2023-40184: Fixed restriction bypass via improper session handling (bsc#1214805).

Package list

  • Image SLES12-SP5-SAP-Azure-LI-BYOS-Production: xrdp-0.9.10-3.16.1
  • Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production: xrdp-0.9.10-3.16.1
  • SUSE Linux Enterprise Server 12 SP5: xrdp-0.9.10-3.16.1
  • SUSE Linux Enterprise Server for SAP Applications 12 SP5: xrdp-0.9.10-3.16.1

Description of CVE-2023-40184

xrdp is an open source remote desktop protocol (RDP) server. In versions prior to 0.9.23, improper handling of session establishment errors allows bypassing OS-level session restrictions. The `auth_start_session` function can return a non-zero (1) value on, e.g., a PAM error, which may result in PAM-enforced session restrictions such as the maximum number of concurrent sessions per user (e.g. /etc/security/limits.conf) being bypassed. Users (administrators) who do not use PAM restrictions are not affected. This issue has been addressed in release version 0.9.23. Users are advised to upgrade. There are no known workarounds for this issue.


Affected products
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:xrdp-0.9.10-3.16.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:xrdp-0.9.10-3.16.1
SUSE Linux Enterprise Server 12 SP5:xrdp-0.9.10-3.16.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5:xrdp-0.9.10-3.16.1

Description of CVE-2023-42822

xrdp is an open source remote desktop protocol server. Access to the font glyphs in xrdp_painter.c is not bounds-checked. Since some of this data is controllable by the user, this can result in an out-of-bounds read within the xrdp executable. The vulnerability allows an out-of-bounds read within a potentially privileged process. On non-Debian platforms, xrdp tends to run as root. Potentially an out-of-bounds write can follow the out-of-bounds read. There is no denial-of-service impact, provided xrdp is running in forking mode. This issue has been addressed in release 0.9.23.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.


Affected products
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:xrdp-0.9.10-3.16.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:xrdp-0.9.10-3.16.1
SUSE Linux Enterprise Server 12 SP5:xrdp-0.9.10-3.16.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5:xrdp-0.9.10-3.16.1

References
Vulnerability SUSE-SU-2023:4873-1