Several xrdp Vulnerabilities Addressed in Ubuntu
xrdp is a free and open-source project that enables a graphical login to remote systems by utilizing the Microsoft Remote Desktop Protocol (RDP). The Ubuntu security team has released some important updates addressing xrdp vulnerabilities in different Ubuntu versions, including Ubuntu 22.04, Ubuntu 20.04, Ubuntu 18.04, Ubuntu 16.04, and Ubuntu 14.04.
xrdp Vulnerabilities Fixed in Ubuntu
Issue 1 (CVE-2022-23479, CVE-2022-23481, CVE-2022-23483, CVE-2023-42822):
xrdp was found mishandling the validation of data from clients, potentially causing out-of-bounds reads. Attackers could exploit this to crash the program or access sensitive information.
Issue 2 (CVE-2023-40184):
Another discovery revealed that xrdp didn't handle session establishment errors properly. An attacker could use this to bypass the OS-level session restrictions enforced by PAM.
Issue 3 (CVE-2022-23468):
In this case, xrdp had issues validating client-supplied data, leading to out-of-bounds writes. This could be exploited to cause memory corruption or execute arbitrary code. This problem specifically affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.
Issue 4 (CVE-2022-23480, CVE-2022-23482, CVE-2022-23484):
Again, xrdp mishandled the validation of client-supplied data, leading to out-of-bounds reads. This impacted Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS, potentially allowing attackers to crash the program or access sensitive information.
Issue 5 (CVE-2022-23477, CVE-2022-23493):
Here, xrdp's mishandling of client-supplied data validation affected only Ubuntu 20.04 LTS and Ubuntu 22.04 LTS, again creating the risk of program crashes or extraction of sensitive information.
Issue 6 (CVE-2022-23478):
Similar to the previous case, xrdp mishandled client-supplied data validation, leading to out-of-bounds writes. This only impacted Ubuntu 20.04 LTS and Ubuntu 22.04 LTS, potentially causing memory corruption or arbitrary code execution.
Issue 7 (CVE-2022-23613):
Lastly, xrdp incorrectly handled the validation of client-supplied data, resulting in out-of-bounds reads. This issue was specific to Ubuntu 22.04 LTS, posing a risk of program crashes or extraction of sensitive information.
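Issues 1 and 3 through 7 all share one root cause: a length or offset supplied by the client was trusted before it was checked against the bytes actually received. The following is an added illustration of that bug class and its fix, written for this article; it is not xrdp's code and does not reproduce any of the listed CVEs. The message format (a big-endian 16-bit length followed by a payload) and every name in it (stream_t, field_copy_unchecked, field_copy_checked, parse_client_field) are hypothetical, and the sample messages are constructed rather than captured.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example, not xrdp's code. A minimal reader for a client message
 * carrying one length-prefixed field: [u16 big-endian length][payload].
 * All names here (stream_t, field_copy_*, parse_client_field) are
 * hypothetical. */

typedef struct {
    const uint8_t *data;  /* bytes received from the client */
    size_t len;           /* bytes actually received */
    size_t pos;           /* read cursor; invariant: pos <= len */
} stream_t;

/* Bytes between the cursor and the end of what was actually received. */
static size_t stream_left(const stream_t *s) { return s->len - s->pos; }

/* Read a big-endian u16. Returns 0 rather than reading past the buffer. */
static int stream_in_u16_be(stream_t *s, uint16_t *out) {
    if (stream_left(s) < 2) return 0;
    *out = (uint16_t)(((unsigned)s->data[s->pos] << 8) | s->data[s->pos + 1]);
    s->pos += 2;
    return 1;
}

/* Unchecked pattern, kept for contrast: the client-declared length is
 * trusted. A message that declares 300 bytes but delivers 3 makes memcpy
 * read 297 bytes past the received data, the out-of-bounds read the
 * advisories above describe. Only ever called on GOOD_MSG here. */
static size_t field_copy_unchecked(stream_t *s, uint8_t *dst, size_t dst_cap) {
    uint16_t n;
    if (!stream_in_u16_be(s, &n)) return 0;
    if (n > dst_cap) n = (uint16_t)dst_cap;
    memcpy(dst, s->data + s->pos, n);   /* no check against stream_left(s) */
    s->pos += n;
    return n;
}

/* Hardened pattern: validate the declared length against the bytes
 * received and the destination capacity before touching memory.
 * Returns the field length, or -1 (header truncated), -2 (declared
 * length exceeds received bytes), -3 (destination too small). */
static long field_copy_checked(stream_t *s, uint8_t *dst, size_t dst_cap) {
    uint16_t n;
    if (!stream_in_u16_be(s, &n)) return -1;
    if (n > stream_left(s)) return -2;
    if (n > dst_cap) return -3;
    if (dst != NULL) memcpy(dst, s->data + s->pos, n);  /* NULL dst = validate only */
    s->pos += n;
    return (long)n;
}

/* Entry point: parse one field from a raw client message. */
long parse_client_field(const uint8_t *msg, size_t msg_len, uint8_t *dst, size_t dst_cap) {
    stream_t s = { msg, msg_len, 0 };
    return field_copy_checked(&s, dst, dst_cap);
}

/* Constructed sample messages (not captured traffic). */
static const uint8_t GOOD_MSG[]  = { 0x00, 0x03, 'a', 'b', 'c' };  /* declares 3, sends 3 */
static const uint8_t LYING_MSG[] = { 0x01, 0x2c, 'a', 'b', 'c' };  /* declares 300, sends 3 */
static const uint8_t SHORT_MSG[] = { 0x00 };                       /* header itself truncated */

int main(void) {
    uint8_t buf[16];
    stream_t s = { GOOD_MSG, sizeof GOOD_MSG, 0 };
    long rc;

    rc = parse_client_field(GOOD_MSG, sizeof GOOD_MSG, buf, sizeof buf);
    printf("well-formed : rc=%ld (field length)\n", rc);
    rc = parse_client_field(LYING_MSG, sizeof LYING_MSG, buf, sizeof buf);
    printf("lying length: rc=%ld (rejected)\n", rc);
    rc = parse_client_field(SHORT_MSG, sizeof SHORT_MSG, buf, sizeof buf);
    printf("short header: rc=%ld (rejected)\n", rc);
    rc = parse_client_field(GOOD_MSG, sizeof GOOD_MSG, buf, 2);
    printf("small dest  : rc=%ld (rejected)\n", rc);

    /* The unchecked variant is safe here only because GOOD_MSG is honest. */
    printf("unchecked on honest input: %zu bytes\n",
           field_copy_unchecked(&s, buf, sizeof buf));
    return 0;
}
```

The point of the checked variant is that every quantity the client controls is compared with what the server actually holds (stream_left) and with what the server is about to write into (dst_cap) before any memory is read or written; a rejected message is dropped with an error code instead of feeding the parser. Fuzzing such parsers with truncated and oversized length fields under AddressSanitizer is the usual way to catch the unchecked pattern before release.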
Conclusion
It’s crucial to stay updated and take necessary actions to address these vulnerabilities, especially if you’re using xrdp on any of the mentioned Ubuntu versions. Keep your systems secure!
Ubuntu 16.04 and Ubuntu 18.04 users cannot apply these security updates unless they have an Ubuntu Pro subscription, because these releases have already reached end-of-life status. Alternatively, they can go for an affordable option, TuxCare's Extended Lifecycle Support for Ubuntu 16.04 and Ubuntu 18.04. TuxCare provides vendor-grade security patches for up to five additional years after the EOL date.
Speak to a TuxCare Linux security expert to get started with TuxCare’s Extended Lifecycle for your end-of-life Ubuntu systems.
The sources for this article can be found in USN-6474-1.