CVE-2025-5024

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-5024

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-5024.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-5024

Related

UBUNTU-CVE-2025-5024

Published

2025-05-22T15:16:05Z

Modified

2025-05-23T16:49:35.464740Z

Severity

7.4 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections, an unauthenticated attacker can exhaust system resources and repeatedly crash the process. There may be a resource leak after many attacks, which will also result in gnome-remote-desktop no longer being able to open files even after it is restarted via systemd.

References

Affected packages

Debian:11 / gnome-remote-desktop

Package

Name: gnome-remote-desktop
Purl: pkg:deb/debian/gnome-remote-desktop?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.1.9-5

40.*

40.1-1

40.1-2

40.1-3

40.1-4

40.2-1

41.*

41.0-1

41.1-1

41.1-2

41.1-3

41.2-1

Other

42~beta-1

42~rc-1

44~rc-1

45~beta-1

45~rc-1

47~beta-1

47~rc-1

48~alpha-1

48~alpha-2

42.*

42.0-1

42.0-2

42.0-3

42.0-4

42.1.1-1

42.1.1-2

42.2-1

42.3-1

42.4-1

43.*

43.0-1

43.0-2

43.1-1

43.2-1

43.3-1

43.4-1

43.4-2

44.*

44.0-1

44.1-1

44.2-1

44.2-2

44.2-3

44.2-4

44.2-5

44.2-6

44.2-7

44.2-8

45.*

45.0-1

45.1-1

45.1-2

45.1-3

46.*

46.0-1

46.0-2

46.1-1

46.1-2

46.1-3

46.2-1

46.3-1

46.3-2

46.3-3

46.3-4

46.4-1

47.*

47.0-1

47.0-3

47.2-1

47.3-1

48.*

48.0-1

48.1-1

48.1-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / gnome-remote-desktop

Package

Name: gnome-remote-desktop
Purl: pkg:deb/debian/gnome-remote-desktop?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

43.*

43.3-1

43.4-1

43.4-2

Other

44~rc-1

45~beta-1

45~rc-1

47~beta-1

47~rc-1

48~alpha-1

48~alpha-2

44.*

44.0-1

44.1-1

44.2-1

44.2-2

44.2-3

44.2-4

44.2-5

44.2-6

44.2-7

44.2-8

45.*

45.0-1

45.1-1

45.1-2

45.1-3

46.*

46.0-1

46.0-2

46.1-1

46.1-2

46.1-3

46.2-1

46.3-1

46.3-2

46.3-3

46.3-4

46.4-1

47.*

47.0-1

47.0-3

47.2-1

47.3-1

48.*

48.0-1

48.1-1

48.1-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / gnome-remote-desktop

Package

Name: gnome-remote-desktop
Purl: pkg:deb/debian/gnome-remote-desktop?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

43.*

43.3-1

43.4-1

43.4-2

Other

44~rc-1

45~beta-1

45~rc-1

47~beta-1

47~rc-1

48~alpha-1

48~alpha-2

44.*

44.0-1

44.1-1

44.2-1

44.2-2

44.2-3

44.2-4

44.2-5

44.2-6

44.2-7

44.2-8

45.*

45.0-1

45.1-1

45.1-2

45.1-3

46.*

46.0-1

46.0-2

46.1-1

46.1-2

46.1-3

46.2-1

46.3-1

46.3-2

46.3-3

46.3-4

46.4-1

47.*

47.0-1

47.0-3

47.2-1

47.3-1

48.*

48.0-1

48.1-1

48.1-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}