xrdp could be made to crash or run programs if it received
specially crafted network traffic.
Software Description:
- xrdp: Remote Desktop Protocol (RDP) server
Details:
Ashley Newson discovered that xrdp incorrectly handled memory when
processing certain incoming connections. An attacker could possibly use
this issue to cause a denial of service or arbitrary code execution.
The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: xrdp 0.9.12-1ubuntu0.1 Ubuntu 18.04 LTS (Available with Ubuntu Pro): xrdp 0.9.5-2ubuntu0.1~esm1 Ubuntu 16.04 LTS (Available with Ubuntu Pro): xrdp 0.6.1-2ubuntu0.3+esm2 Ubuntu 14.04 LTS (Available with Ubuntu Pro): xrdp 0.6.0-1ubuntu0.1+esm2 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-6469-1
CVE-2020-4044
Get the latest Linux and open source security news straight to your inbox.