Vulnerability CVE-2023-42822: Information

Description

xrdp is an open source remote desktop protocol server. Access to the font glyphs in xrdp_painter.c is not bounds-checked. Since some of this data is controllable by the user, this can result in an out-of-bounds read within the xrdp executable. The vulnerability allows an out-of-bounds read within a potentially privileged process. On non-Debian platforms, xrdp tends to run as root. Potentially an out-of-bounds write can follow the out-of-bounds read. There is no denial-of-service impact, provided xrdp is running in forking mode. This issue has been addressed in release 0.9.23.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Published: Sept. 27, 2023
Modified: Nov. 4, 2023
Error type identifier: CWE-125

Fixed packages

Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State
xrdp | sisyphus | 0.9.23.1-alt1 | 0.9.24-alt1 | ALT-PU-2023-5920-2 | 330498 | Fixed
xrdp | sisyphus_e2k | 0.9.23.1-alt1 | 0.9.24-alt1 | ALT-PU-2023-5966-1 | - | Fixed
xrdp | sisyphus_mipsel | 0.9.23.1-alt1 | 0.9.24-alt1 | ALT-PU-2023-5953-1 | - | Fixed
xrdp | sisyphus_riscv64 | 0.9.23.1-alt1 | 0.9.24-alt1 | ALT-PU-2023-6060-1 | - | Fixed
xrdp | p10 | 0.9.23.1-alt1 | 0.9.24-alt1 | ALT-PU-2023-5931-2 | 330500 | Fixed
xrdp | p10_e2k | 0.9.23.1-alt1 | 0.9.23.1-alt1 | ALT-PU-2023-7116-1 | - | Fixed
xrdp | p9 | 0.9.23.1-alt1 | 0.9.23.1-alt1 | ALT-PU-2023-6233-2 | 330503 | Fixed
xrdp | c10f1 | 0.9.23.1-alt1 | 0.9.23.1-alt1 | ALT-PU-2023-6240-2 | 331357 | Fixed
xrdp | c9f2 | 0.9.23.1-alt1 | 0.9.23.1-alt1 | ALT-PU-2023-5929-2 | 330502 | Fixed

References to Advisories, Solutions, and Tools

Configuration 1

  cpe:2.3:a:neutrinolabs:xrdp:*:*:*:*:*:*:*:*
  End excluding: 0.9.23.1

Configuration 2

  cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
  cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*