CVE-2025-5024
HIGHRed Hat Enterprise Linux gnome-remote-desktop - Unauthenticated Denial of Service via RDP Connection Handling
Title source: llmDescription
A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections, an unauthenticated attacker can exhaust system resources and repeatedly crash the process. There may be a resource leak after many attacks, which will also result in gnome-remote-desktop no longer being able to open files even after it is restarted via systemd.
References (13)
Core 13
Core References
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:10631
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:10635
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:10742
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:11403
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:11404
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:11405
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:11406
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:11407
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:11408
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:11418
Vendor Advisory vdb-entry
x_refsource_redhat
https://access.redhat.com/security/cve/CVE-2025-5024
Issue Tracking issue-tracking
x_refsource_redhat
https://bugzilla.redhat.com/show_bug.cgi?id=2367717
Scores
CVSS v3
7.4
EPSS
0.0051
EPSS Percentile
66.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-400
Status
published
Products (14)
Red Hat/Red Hat Enterprise Linux 10
0:47.3-2.el10_0
Red Hat/Red Hat Enterprise Linux 8
0:0.1.8-4.el8_10
Red Hat/Red Hat Enterprise Linux 8.2 Advanced Update Support
0:0.1.6-9.el8_2.1
Red Hat/Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
0:0.1.8-4.el8_4
Red Hat/Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On
0:0.1.8-4.el8_4
Red Hat/Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
0:0.1.8-4.el8_6
Red Hat/Red Hat Enterprise Linux 8.6 Telecommunications Update Service
0:0.1.8-4.el8_6
Red Hat/Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
0:0.1.8-4.el8_6
Red Hat/Red Hat Enterprise Linux 8.8 Telecommunications Update Service
0:0.1.8-4.el8_8
Red Hat/Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
0:0.1.8-4.el8_8
... and 4 more
Published
May 22, 2025
Tracked Since
Feb 18, 2026