← volver
CVE-2025-5024

Gnome-remote-desktop: uncontrolled resource consumption due to malformed rdp pdus

CVSS 7.4 HIGHEPSS 0.8%CWE-400
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 7.4EPSS 0.8%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
22 may 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections, an unauthenticated attacker can exhaust system resources and repeatedly crash the process. There may be a resource leak after many attacks, which will also result in gnome-remote-desktop no longer being able to open files even after it is restarted via systemd.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H
Productos afectados
Red Hat · Red Hat Enterprise Linux 10Red Hat · Red Hat Enterprise Linux 8Red Hat · Red Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat · Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat · Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-OnRed Hat · Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat · Red Hat Enterprise Linux 8.6 Telecommunications Update ServiceRed Hat · Red Hat Enterprise Linux 8.6 Update Services for SAP SolutionsRed Hat · Red Hat Enterprise Linux 8.8 Telecommunications Update ServiceRed Hat · Red Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRed Hat · Red Hat Enterprise Linux 9Red Hat · Red Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat · Red Hat Enterprise Linux 9.2 Update Services for SAP SolutionsRed Hat · Red Hat Enterprise Linux 9.4 Extended Update SupportRed Hat · Red Hat In-Vehicle Operating System 1

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://access.redhat.com/errata/RHSA-2025:10631https://access.redhat.com/errata/RHSA-2025:10635https://access.redhat.com/errata/RHSA-2025:10742https://access.redhat.com/errata/RHSA-2025:11403https://access.redhat.com/errata/RHSA-2025:11404https://access.redhat.com/errata/RHSA-2025:11405https://access.redhat.com/errata/RHSA-2025:11406https://access.redhat.com/errata/RHSA-2025:11407https://access.redhat.com/errata/RHSA-2025:11408https://access.redhat.com/errata/RHSA-2025:11418https://access.redhat.com/security/cve/CVE-2025-5024https://bugzilla.redhat.com/show_bug.cgi?id=2367717