PT-2023-5611 · Debian+7 · Debian+7

Metalefty

·

Published

2023-09-27

·

Updated

2025-09-03

·

CVE-2023-42822

CVSS v3.1

6.5

Medium

VectorAV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions xrdp versions prior to 0.9.23.1
Description The issue is related to an out-of-bounds read within the xrdp executable due to unbounds-checked access to font glyphs in xrdp painter.c. This can result in an out-of-bounds read within a potentially privileged process, and on non-Debian platforms, xrdp tends to run as root. Potentially, an out-of-bounds write can follow the out-of-bounds read. There is no denial-of-service impact if xrdp is running in forking mode.
Recommendations To resolve the issue, upgrade to release 0.9.23.1 or later. As a temporary workaround, consider restricting access to the xrdp painter.c component until a patch is available. Avoid using controllable data by the user in the affected xrdp executable until the issue is resolved.

Exploit

Fix

DoS

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALT-PU-2023-5920
ALT-PU-2023-5929
ALT-PU-2023-5931
ALT-PU-2023-6233
ALT-PU-2023-6240
BDU:2023-06266
CVE-2023-42822
DLA-4166-1
GHSA-2HJX-RM4F-R9HW
MGASA-2023-0334
OPENSUSE-SU-2024:13399-1
ROSA-SA-2024-2445
ROSA-SA-2024-2523
SUSE-SU-2023:4577-1
SUSE-SU-2023:4873-1
SUSE-SU-2023_4577-1
USN-6474-1

Affected Products

Alt Linux
Astra Linux
Debian
Linuxmint
Red Os
Suse
Ubuntu
Xrdp