VDB
GCVE-110-MAGEIA-2023-276
GCVE-110-MAGEIA-2023-276
Advisory Published
In versions prior to 0.9.23 improper handling of session establishment
errors allows bypassing OS-level session restrictions. The
`auth_start_session` function can return non-zero (1) value on, e.g.,
PAM error which may result in in session restrictions such as max
concurrent sessions per user by PAM (ex ./etc/security/limits.conf) to
be bypassed. (CVE-2023-40184)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | xrdp | 0 (affected), 0.9.23-1.mga9 (unaffected) | — |
| Mageia | xrdp | 0 (affected), 0.9.23-1.mga8 (unaffected) | — |
Aliases
Browse GCVE Records
73,280 records in the GCVE database · Updated July 17, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.