
Mageia 8: 2023-0002 Critical: xrdp Buffer Overflow And Security Issues

January 13, 2023

Summary

xrdp versions earlier than v0.9.21 contain a buffer overflow in the xrdp_login_wnd_create() function. (CVE-2022-23468)
xrdp versions earlier than v0.9.21 contain a buffer overflow in the audin_send_open() function. (CVE-2022-23477)
xrdp versions earlier than v0.9.21 contain an out-of-bounds write in the xrdp_mm_trans_process_drdynvc_channel_open() function. (CVE-2022-23478)
xrdp versions earlier than v0.9.21 contain a buffer overflow in the xrdp_mm_chan_data_in() function. (CVE-2022-23479)
xrdp versions earlier than v0.9.21 contain a buffer overflow in the devredir_proc_client_devlist_announce_req() function. (CVE-2022-23480)
xrdp versions earlier than v0.9.21 contain an out-of-bounds read in the xrdp_caps_process_confirm_active() function. (CVE-2022-23481)
xrdp versions earlier than v0.9.21 contain an out-of-bounds read in the xrdp_sec_process_mcs_data_CS_CORE() function. (CVE-2022-23482)
xrdp versions earlier than v0.9.21 contain an out-of-bounds read in the libxrdp_send_to_channel() function. (CVE-2022-23483)
xrdp versions earlier than v0.9.21 contain an integer overflow in xrdp_mm_process_rail_update_window_text() functi...


References

- https://bugs.mageia.org/show_bug.cgi?id=31309

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/67CHZVOMSTH2Q7P3TYFUNZUA6J7ZYEBQ/

- https://www.cve.org/CVERecord?id=CVE-2022-23468

- https://www.cve.org/CVERecord?id=CVE-2022-23477

- https://www.cve.org/CVERecord?id=CVE-2022-23478

- https://www.cve.org/CVERecord?id=CVE-2022-23479

- https://www.cve.org/CVERecord?id=CVE-2022-23480

- https://www.cve.org/CVERecord?id=CVE-2022-23481

- https://www.cve.org/CVERecord?id=CVE-2022-23482

- https://www.cve.org/CVERecord?id=CVE-2022-23483

- https://www.cve.org/CVERecord?id=CVE-2022-23484

Resolution

SRPMS

- 8/core/xrdp-0.9.21-1.mga8

Severity
critical

Publication date: 13 Jan 2023
URL: https://advisories.mageia.org/MGASA-2023-0002.html
Type: security
CVE: CVE-2022-23468, CVE-2022-23477, CVE-2022-23478, CVE-2022-23479, CVE-2022-23480, CVE-2022-23481, CVE-2022-23482, CVE-2022-23483, CVE-2022-23484
