[SECURITY] [DLA 4166-1] xrdp security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4166-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Abhijith PA
May 16, 2025 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : xrdp
Version : 0.9.21.1-1~deb11u2
CVE ID : CVE-2023-40184 CVE-2023-42822 CVE-2024-39917
Several vulnerabilities were discovered in xrdp, a Remote Desktop
Protocol (RDP) server.
CVE-2023-40184
Improper handling of session establishment errors allows bypassing
OS-level session restrictions. The `auth_start_session` function
returns non-zero on a PAM error, but that return value was not acted
on, so the session was established anyway. This bypasses session
restrictions enforced by PAM, such as a maximum number of concurrent
sessions per user.
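The pattern behind this bug is a session-start routine whose failure code is
discarded by its caller. The following C program is an added illustration
written for this advisory, not xrdp's own code: `fake_pam_open_session`,
the `PAM_*` result codes, the three-session limit and both `start_session_*`
functions are constructed stand-ins. It shows the unchecked caller letting a
fourth session through and the hardened caller refusing it.

```c
#include <stdio.h>

/* Hypothetical PAM-style result codes; not libpam's or xrdp's constants. */
enum { PAM_OK = 0, PAM_SESSION_ERR = 1 };

/* Constructed stand-in for pam_open_session(): refuses once a user already
 * holds three sessions, mimicking a per-user concurrency limit. */
static int fake_pam_open_session(const char *user, int current_sessions)
{
    (void)user;
    if (current_sessions >= 3)
        return PAM_SESSION_ERR;   /* limit reached: open must fail */
    return PAM_OK;
}

/* Hypothetical auth_start_session(): returns non-zero on PAM failure. */
static int auth_start_session(const char *user, int current_sessions)
{
    int rc = fake_pam_open_session(user, current_sessions);
    if (rc != PAM_OK) {
        fprintf(stderr, "session open failed for %s (rc=%d)\n", user, rc);
        return 1;
    }
    return 0;
}

/* Vulnerable pattern: the failure code is thrown away, so the caller
 * proceeds to set up the desktop. Returns 1 when a session is started. */
int start_session_unchecked(const char *user, int current_sessions)
{
    auth_start_session(user, current_sessions);  /* result ignored */
    return 1;  /* session proceeds even after a PAM refusal */
}

/* Hardened pattern: propagate the failure and refuse the session. */
int start_session_checked(const char *user, int current_sessions)
{
    if (auth_start_session(user, current_sessions) != 0)
        return 0;  /* PAM said no: do not start the session */
    return 1;
}

int main(void)
{
    printf("unchecked, 4th session: %d\n", start_session_unchecked("alice", 3));
    printf("checked,   4th session: %d\n", start_session_checked("alice", 3));
    printf("checked,   1st session: %d\n", start_session_checked("alice", 0));
    return 0;
}
```

The point of the hardened version is that the only place the PAM verdict
is enforced is the caller's check of the return value; logging the error
inside `auth_start_session` is not enough.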
CVE-2023-42822
Access to the font glyphs in xrdp_painter.c is not bounds-checked.
Since some of this data is controllable by the user, this can
result in an out-of-bounds read within the xrdp executable, which
is a potentially privileged process.
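To make the missing check concrete, here is an added C example written for
this advisory, not code from xrdp_painter.c: a small bitmap font table, a
lookup that trusts a client-supplied glyph index, and the bounds-checked
version that rejects indexes outside the table. The `struct font` layout,
`sample_glyphs` and the `glyph_*` function names are constructed for the
illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define GLYPH_COUNT 4
#define GLYPH_BYTES 8   /* one 8x8 glyph, one byte per row */

/* Constructed font: num_glyphs rows of GLYPH_BYTES bytes each. */
struct font {
    int num_glyphs;
    const uint8_t (*glyphs)[GLYPH_BYTES];
};

static const uint8_t sample_glyphs[GLYPH_COUNT][GLYPH_BYTES] = {
    { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF },  /* solid block */
    { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },  /* right edge */
    { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },  /* blank */
    { 0x18, 0x24, 0x42, 0x81, 0x81, 0x42, 0x24, 0x18 },  /* diamond */
};

static const struct font sample_font = { GLYPH_COUNT, sample_glyphs };

/* Vulnerable pattern: a glyph index taken from the wire indexes the
 * table directly, so any value >= num_glyphs reads past the array. */
const uint8_t *glyph_unchecked(const struct font *f, int idx)
{
    return f->glyphs[idx];
}

/* Hardened pattern: reject negative and too-large indexes before use. */
const uint8_t *glyph_checked(const struct font *f, int idx)
{
    if (f == NULL || idx < 0 || idx >= f->num_glyphs)
        return NULL;
    return f->glyphs[idx];
}

/* Count the set pixels of a glyph; returns -1 when the index is invalid.
 * This is the sort of consumer that would otherwise walk the OOB bytes. */
int glyph_pixels(const struct font *f, int idx)
{
    const uint8_t *g = glyph_checked(f, idx);
    if (g == NULL)
        return -1;
    int n = 0;
    for (int row = 0; row < GLYPH_BYTES; row++)
        for (uint8_t bits = g[row]; bits != 0; bits &= (uint8_t)(bits - 1))
            n++;
    return n;
}

int main(void)
{
    /* Indexes 0..3 are in range; 4 and -1 are what a client could send. */
    for (int idx = -1; idx <= GLYPH_COUNT; idx++)
        printf("glyph %2d: pixels=%d\n", idx, glyph_pixels(&sample_font, idx));
    return 0;
}
```

`glyph_unchecked` is kept only to show the shape of the bug; calling it with
an out-of-range index is undefined behaviour, which is exactly why the
checked lookup returns NULL instead of a pointer.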
CVE-2024-39917
xrdp allowed an unlimited number of login attempts. The maximum
number of attempts is supposed to be limited by the `MaxLoginRetry`
parameter in `/etc/xrdp/sesman.ini`, but this mechanism was not
effectively enforced, so an attacker could keep trying credentials
indefinitely.
For Debian 11 bullseye, these problems have been fixed in version
0.9.21.1-1~deb11u2.
We recommend that you upgrade your xrdp packages.
For the detailed security status of xrdp please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/xrdp
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS