Source: xrdp
Version: 0.10.1-3.1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>

Hi,

The following vulnerability was published for xrdp.

CVE-2025-68670[0]:
| xrdp is an open source RDP server. xrdp before v0.10.5 contains an
| unauthenticated stack-based buffer overflow vulnerability. The issue
| stems from improper bounds checking when processing user domain
| information during the connection sequence. If exploited, the
| vulnerability could allow remote attackers to execute arbitrary code
| on the target system. The vulnerability allows an attacker to
| overwrite the stack buffer and the return address, which could
| theoretically be used to redirect the execution flow. The impact of
| this vulnerability is lessened if a compiler flag has been used to
| build the xrdp executable with stack canary protection. If this is
| the case, a second vulnerability would need to be used to leak the
| stack canary value. Upgrade to version 0.10.5 to receive a patch.
| Additionally, do not rely on stack canary protection on production
| systems.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2025-68670
    https://www.cve.org/CVERecord?id=CVE-2025-68670
[1] https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-rwvg-gp87-gh6f
[2] https://github.com/neutrinolabs/xrdp/commit/0d6964415ac31f8240ed894de1ff626bf4683eac (v0.10.5)

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
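As an added illustration of the bug class the advisory describes (a client-supplied length for a domain field copied into a fixed stack buffer without being compared to that buffer's size), here is a small parser in its unchecked and checked forms. This is example code written for this page; it is not xrdp's code and not the fix in the linked commit. The wire layout (2-byte little-endian length followed by the bytes), the function names and the DOMAIN_MAX size are assumptions chosen for the example.

```c
/* Added example, not xrdp code: a length-prefixed "domain" field read
 * from a client packet into a fixed stack buffer, unchecked and checked.
 * Wire layout, names and DOMAIN_MAX are hypothetical. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DOMAIN_MAX 16   /* hypothetical size of the stack buffer */

/* Read a 2-byte little-endian length; fails if fewer than 2 bytes remain. */
static int read_u16le(const uint8_t *p, size_t avail, uint16_t *out)
{
    if (avail < 2)
        return -1;
    *out = (uint16_t)(p[0] | ((uint16_t)p[1] << 8));
    return 0;
}

/* Build a packet in the assumed format (used to construct test input). */
size_t build_domain_packet(uint8_t *buf, size_t buf_len,
                           const char *name, size_t name_len)
{
    if (name_len > UINT16_MAX || buf_len < name_len + 2)
        return 0;
    buf[0] = (uint8_t)(name_len & 0xff);
    buf[1] = (uint8_t)(name_len >> 8);
    memcpy(buf + 2, name, name_len);
    return name_len + 2;
}

/* Unchecked pattern: the length is validated against the packet only,
 * never against the stack buffer, so len > DOMAIN_MAX - 1 writes past
 * 'domain' toward the saved return address.  Shown for comparison;
 * nothing below calls it with oversized input. */
int parse_domain_unchecked(const uint8_t *pkt, size_t pkt_len,
                           char *out, size_t out_len)
{
    char domain[DOMAIN_MAX];
    uint16_t len;

    if (read_u16le(pkt, pkt_len, &len) != 0 || (size_t)len + 2 > pkt_len)
        return -1;                         /* field fits in the packet */
    memcpy(domain, pkt + 2, len);          /* BUG: no comparison with sizeof domain */
    domain[len] = '\0';
    if (out_len < (size_t)len + 1)
        return -1;
    memcpy(out, domain, (size_t)len + 1);
    return len;
}

/* Checked form: the same parse with the missing buffer bound added.
 * Returns the domain length, -1 for a truncated packet, -2 when the
 * field would not fit the stack buffer (with its NUL), -3 when the
 * caller's output buffer is too small. */
int parse_domain_checked(const uint8_t *pkt, size_t pkt_len,
                         char *out, size_t out_len)
{
    char domain[DOMAIN_MAX];
    uint16_t len;

    if (read_u16le(pkt, pkt_len, &len) != 0 || (size_t)len + 2 > pkt_len)
        return -1;                         /* field fits in the packet */
    if (len >= sizeof domain)
        return -2;                         /* field fits in the stack buffer */
    memcpy(domain, pkt + 2, len);
    domain[len] = '\0';
    if (out_len < (size_t)len + 1)
        return -3;
    memcpy(out, domain, (size_t)len + 1);
    return len;
}

int main(void)
{
    uint8_t pkt[64];
    char name[32];
    char big[40];
    size_t n;

    /* Constructed input: a 4-byte domain, then a 40-byte one. */
    n = build_domain_packet(pkt, sizeof pkt, "CORP", 4);
    printf("short domain: rc=%d name=%s\n",
           parse_domain_checked(pkt, n, name, sizeof name), name);

    memset(big, 'A', sizeof big);
    n = build_domain_packet(pkt, sizeof pkt, big, sizeof big);
    printf("40-byte domain: rc=%d (rejected before any copy)\n",
           parse_domain_checked(pkt, n, name, sizeof name));
    return 0;
}
```

Only the checked parser is exercised in main; the unchecked one is there to show where the missing comparison sits, and feeding it the 40-byte input would corrupt the stack, which is the fault a compiler-inserted canary would catch (and, as the advisory notes, that only turns the overwrite into a crash until a second bug leaks the canary value). On Debian, whether an installed binary was built with stack protection can be inspected with `hardening-check` from the devscripts package.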

