{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-5024", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2025-05-21T06:10:08.134Z", "datePublished": "2025-05-22T14:51:01.110Z", "dateUpdated": "2025-05-26T10:18:29.138Z"}, "containers": {"cna": {"title": "Gnome-remote-desktop: uncontrolled resource consumption due to malformed rdp pdus", "metrics": [{"other": {"content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections, an unauthenticated attacker can exhaust system resources and repeatedly crash the process. There may be a resource leak after many attacks, which will also result in gnome-remote-desktop no longer being able to open files even after it is restarted via systemd."}], "affected": [{"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gnome-remote-desktop", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:10"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gnome-remote-desktop", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:8"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "gnome-remote-desktop", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:9"]}], "references": [{"url": "https://access.redhat.com/security/cve/CVE-2025-5024", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367717", "name": "RHBZ#2367717", "tags": ["issue-tracking", "x_refsource_REDHAT"]}], "datePublic": "2025-05-21T06:16:27.607Z", "problemTypes": [{"descriptions": [{"cweId": "CWE-400", "description": "Uncontrolled Resource Consumption", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-400: Uncontrolled Resource Consumption", "workarounds": [{"lang": "en", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}], "timeline": [{"lang": "en", "time": "2025-05-21T03:18:10.555000+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2025-05-21T06:16:27.607000+00:00", "value": "Made public."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-05-26T10:18:29.138Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-22T17:42:56.244523Z", "id": "CVE-2025-5024", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-22T18:12:30.923Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-5024", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-05-22T17:42:56.244523Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-22T17:42:58.589Z"}}], "cna": {"title": "Gnome-remote-desktop: uncontrolled resource consumption due to malformed rdp pdus", "metrics": [{"other": {"type": "Red Hat severity rating", "content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}}}, {"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"cpes": ["cpe:/o:redhat:enterprise_linux:10"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10", "packageName": "gnome-remote-desktop", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:8"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "packageName": "gnome-remote-desktop", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:9"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "packageName": "gnome-remote-desktop", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}], "timeline": [{"lang": "en", "time": "2025-05-21T03:18:10.555000+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2025-05-21T06:16:27.607000+00:00", "value": "Made public."}], "datePublic": "2025-05-21T06:16:27.607Z", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2025-5024", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367717", "name": "RHBZ#2367717", "tags": ["issue-tracking", "x_refsource_REDHAT"]}], "workarounds": [{"lang": "en", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}], "descriptions": [{"lang": "en", "value": "A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections, an unauthenticated attacker can exhaust system resources and repeatedly crash the process. There may be a resource leak after many attacks, which will also result in gnome-remote-desktop no longer being able to open files even after it is restarted via systemd."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-400", "description": "Uncontrolled Resource Consumption"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-05-26T10:18:29.138Z"}, "x_redhatCweChain": "CWE-400: Uncontrolled Resource Consumption"}}, "cveMetadata": {"cveId": "CVE-2025-5024", "state": "PUBLISHED", "dateUpdated": "2025-05-26T10:18:29.138Z", "dateReserved": "2025-05-21T06:10:08.134Z", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "datePublished": "2025-05-22T14:51:01.110Z", "assignerShortName": "redhat"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections, an unauthenticated attacker can exhaust system resources and repeatedly crash the process. There may be a resource leak after many attacks, which will also result in gnome-remote-desktop no longer being able to open files even after it is restarted via systemd."}, {"lang": "es", "value": "Se encontr\u00f3 una falla en gnome-remote-desktop. Una vez que gnome-remote-desktop escucha conexiones RDP, un atacante no autenticado puede agotar los recursos del sistema y bloquear repetidamente el proceso. Puede producirse una fuga de recursos tras varios ataques, lo que tambi\u00e9n provocar\u00e1 que gnome-remote-desktop deje de poder abrir archivos incluso despu\u00e9s de reiniciarse mediante systemd."}], "id": "CVE-2025-5024", "lastModified": "2025-05-23T15:55:02.040", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.0, "source": "secalert@redhat.com", "type": "Primary"}]}, "published": "2025-05-22T15:16:05.810", "references": [{"source": "secalert@redhat.com", "url": "https://access.redhat.com/security/cve/CVE-2025-5024"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367717"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "secalert@redhat.com", "type": "Primary"}]}

{"bugzilla": {"description": "gnome-remote-desktop: Uncontrolled Resource Consumption due to Malformed RDP PDUs", "id": "2367717", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367717"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.4", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-400", "details": ["A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections, an unauthenticated attacker can exhaust system resources and repeatedly crash the process. There may be a resource leak after many attacks, which will also result in gnome-remote-desktop no longer being able to open files even after it is restarted via systemd.", "A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections, an unauthenticated attacker can exhaust system resources and repeatedly crash the process. There may be a resource leak after many attacks, which will also result in gnome-remote-desktop no longer being able to open files even after it is restarted via systemd."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-5024", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "gnome-remote-desktop", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "gnome-remote-desktop", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "gnome-remote-desktop", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-05-21T06:16:27Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-5024\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-5024"], "statement": "The severity of this issue is considered moderate rather than important because successful exploitation requires the gnome-remote-desktop service to be actively configured and running in RDP mode, which is not enabled by default in most deployments. While the attack can be performed remotely and without authentication, it relies on sending specially crafted RDP packets that exploit a resource handling flaw, resulting in excessive consumption of system file descriptors and eventual denial of service. However, the vulnerability does not enable code execution, privilege escalation, or compromise of data integrity or confidentiality. The impact is therefore confined to service disruption rather than a direct security breach.\nAdditionally, the attack vector involves sustained resource abuse over time, requiring specific environmental conditions, such as systemd-managed user services with elevated file descriptor limits. This further limits the exploitability in default or hardened configurations. As such, the potential for widespread exploitation is constrained by the need for non-default service activation and prolonged interaction, reducing its overall security impact when compared to vulnerabilities that offer immediate compromise or broader applicability across system roles.", "threat_severity": "Moderate"}