CVE-2025-5024

Published: May 22, 2025

Modified: Nov 20, 2025

PUBLISHED

CVSS v3.1

7.4

HIGH

Description

A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections, an unauthenticated attacker can exhaust system resources and repeatedly crash the process. There may be a resource leak after many attacks, which will also result in gnome-remote-desktop no longer being able to open files even after it is restarted via systemd.

Vendor	Product	Versions
Red Hat	Red Hat Enterprise Linux 10	unaffected `0:47.3-2.el10_0 - < *`
Red Hat	Red Hat Enterprise Linux 8	unaffected `0:0.1.8-4.el8_10 - < *`
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	unaffected `0:0.1.6-9.el8_2.1 - < *`
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	unaffected `0:0.1.8-4.el8_4 - < *`
Red Hat	Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	unaffected `0:0.1.8-4.el8_4 - < *`
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	unaffected `0:0.1.8-4.el8_6 - < *`
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	unaffected `0:0.1.8-4.el8_6 - < *`
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	unaffected `0:0.1.8-4.el8_6 - < *`
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	unaffected `0:0.1.8-4.el8_8 - < *`
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	unaffected `0:0.1.8-4.el8_8 - < *`
Red Hat	Red Hat Enterprise Linux 9	unaffected `0:40.0-11.el9_6 - < *`
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	unaffected `0:40.0-10.el9_0 - < *`
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	unaffected `0:40.0-10.el9_2 - < *`
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	unaffected `0:40.0-11.el9_4 - < *`