DEBIAN-CVE-2025-5024

See a problem?
Please try reporting it to the source first.
Source
https://security-tracker.debian.org/tracker/CVE-2025-5024
Import Source
https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-5024.json
JSON Data
https://api.osv.dev/v1/vulns/DEBIAN-CVE-2025-5024
Upstream
Published
2025-05-22T15:16:05.810Z
Modified
2026-04-28T20:30:37.561627Z
Severity
  • 7.4 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections, an unauthenticated attacker can exhaust system resources and repeatedly crash the process. There may be a resource leak after many attacks, which will also result in gnome-remote-desktop no longer being able to open files even after it is restarted via systemd.

References

Affected packages

Debian:11 / gnome-remote-desktop

Package

Name
gnome-remote-desktop
Purl
pkg:deb/debian/gnome-remote-desktop?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.1.9-5
40.*
40.1-1
40.1-2
40.1-3
40.1-4
40.2-1
41.*
41.0-1
41.1-1
41.1-2
41.1-3
41.2-1
Other
42~beta-1
42~rc-1
44~rc-1
45~beta-1
45~rc-1
47~beta-1
47~rc-1
48~alpha-1
48~alpha-2
50~beta-1
42.*
42.0-1
42.0-2
42.0-3
42.0-4
42.1.1-1
42.1.1-2
42.2-1
42.3-1
42.4-1
43.*
43.0-1
43.0-2
43.1-1
43.2-1
43.3-1
43.4-1
43.4-2
44.*
44.0-1
44.1-1
44.2-1
44.2-2
44.2-3
44.2-4
44.2-5
44.2-6
44.2-7
44.2-8
45.*
45.0-1
45.1-1
45.1-2
45.1-3
46.*
46.0-1
46.0-2
46.1-1
46.1-2
46.1-3
46.2-1
46.3-1
46.3-2
46.3-3
46.3-4
46.4-1
47.*
47.0-1
47.0-3
47.2-1
47.3-1
48.*
48.0-1
48.1-1
48.1-2
48.1-3
48.1-4
48.2-1
49.*
49.0-1
49.1-1
49.1-2
49.2-1
49.2-2
49.2-3
50.*
50.1-1
50.1-2

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-5024.json"

Debian:12 / gnome-remote-desktop

Package

Name
gnome-remote-desktop
Purl
pkg:deb/debian/gnome-remote-desktop?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

43.*
43.3-1
43.4-1
43.4-2
Other
44~rc-1
45~beta-1
45~rc-1
47~beta-1
47~rc-1
48~alpha-1
48~alpha-2
50~beta-1
44.*
44.0-1
44.1-1
44.2-1
44.2-2
44.2-3
44.2-4
44.2-5
44.2-6
44.2-7
44.2-8
45.*
45.0-1
45.1-1
45.1-2
45.1-3
46.*
46.0-1
46.0-2
46.1-1
46.1-2
46.1-3
46.2-1
46.3-1
46.3-2
46.3-3
46.3-4
46.4-1
47.*
47.0-1
47.0-3
47.2-1
47.3-1
48.*
48.0-1
48.1-1
48.1-2
48.1-3
48.1-4
48.2-1
49.*
49.0-1
49.1-1
49.1-2
49.2-1
49.2-2
49.2-3
50.*
50.1-1
50.1-2

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-5024.json"

Debian:13 / gnome-remote-desktop

Package

Name
gnome-remote-desktop
Purl
pkg:deb/debian/gnome-remote-desktop?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

48.*
48.1-4
48.2-1
49.*
49.0-1
49.1-1
49.1-2
49.2-1
49.2-2
49.2-3
Other
50~beta-1
50.*
50.1-1
50.1-2

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-5024.json"

Debian:14 / gnome-remote-desktop

Package

Name
gnome-remote-desktop
Purl
pkg:deb/debian/gnome-remote-desktop?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

48.*
48.1-4
48.2-1
49.*
49.0-1
49.1-1
49.1-2
49.2-1
49.2-2
49.2-3
Other
50~beta-1
50.*
50.1-1
50.1-2

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2025-5024.json"