
Gafusss

#40336 of 53,633
6.8 CVSS total
Vulnerabilities · 1
PT-2023-6794
6.8
2023-08-19
Xrdp · Xrdp · CVE-2023-40184
**Name of the Vulnerable Software and Affected Versions**

xrdp versions prior to 0.9.23

**Description**

The issue is related to the improper handling of session establishment errors in xrdp, allowing bypassing of OS-level session restrictions. The `auth_start_session` function can return a non-zero value on errors, such as PAM errors, which may result in session restrictions being bypassed. This affects users who use restrictions by PAM, while administrators who do not use these restrictions are not affected.

**Recommendations**

To resolve the issue, upgrade to release version 0.9.23 or later. As a temporary workaround, consider restricting access to the `auth_start_session` function until a patch is available. Additionally, review and adjust PAM settings, such as those in `/etc/security/limits.conf`, to minimize the risk of exploitation. There are no known workarounds for this issue other than upgrading to the fixed version.