CVE-2025-5024

Gnome-remote-desktop: uncontrolled resource consumption due to malformed rdp pdus

Description

A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections, an unauthenticated attacker can exhaust system resources and repeatedly crash the process. There may be a resource leak after many attacks, which will also result in gnome-remote-desktop no longer being able to open files even after it is restarted via systemd.

INFO

Published Date :

2025-05-22T14:51:01.110Z

Last Modified :

2025-11-20T21:09:47.476Z

Source :

redhat

AFFECTED PRODUCTS

The following products are affected by CVE-2025-5024 vulnerability.

Vendors	Products
Redhat	Enterprise Linux Rhel Aus Rhel E4s Rhel Eus Rhel Eus Long Life Rhel Tus

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-5024.

URL	Resource
https://access.redhat.com/errata/RHSA-2025:10631
https://access.redhat.com/errata/RHSA-2025:10635
https://access.redhat.com/errata/RHSA-2025:10742
https://access.redhat.com/errata/RHSA-2025:11403
https://access.redhat.com/errata/RHSA-2025:11404
https://access.redhat.com/errata/RHSA-2025:11405
https://access.redhat.com/errata/RHSA-2025:11406
https://access.redhat.com/errata/RHSA-2025:11407
https://access.redhat.com/errata/RHSA-2025:11408
https://access.redhat.com/errata/RHSA-2025:11418
https://access.redhat.com/security/cve/CVE-2025-5024
https://bugzilla.redhat.com/show_bug.cgi?id=2367717
https://gitlab.gnome.org/GNOME/gnome-remote-desktop/-/merge_requests/321
https://nvd.nist.gov/vuln/detail/CVE-2025-5024
https://www.cve.org/CVERecord?id=CVE-2025-5024

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact