ALT-PU-2025-16947-1

Package update freerdp3 in branch sisyphus

Version3.16.0-alt1

Published2025-06-20

Max severityHIGH

Severity:

Closed issues (2)

HIGH7.1

Уязвимость службы удаленного рабочего стола GNOME Remote Desktop, позволяющая нарушителю нарушить целостность данных, а также вызвать отказ в обслуживании

Published: 2025-09-28Modified: 2025-10-02

CVSS 3.xHIGH 7.1

CVSS:3.x/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H

CVSS 2.0HIGH 8.5

CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:C

References

CVE-2025-4478

MEDIUM6.5

A flaw was found in the FreeRDP used by Anaconda's remote install feature, where a crafted RDP packet could trigger a segmentation fault. This issue causes the service to crash and remain defunct, resulting in a denial of service. It occurs pre-boot and is likely due to a NULL pointer dereference. Rebooting is required to recover the system.

Published: 2025-05-16Modified: 2026-01-21

CVSS 3.xMEDIUM 6.5

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References