VDB
GCVE-110-MAGEIA-2023-334
GCVE-110-MAGEIA-2023-334
Advisory Published
The updated packages fix a security vulnerability
Access to the font glyphs in xrdp_painter.c is not bounds-checked. Since
some of this data is controllable by the user, this can result in an
out-of-bounds read within the xrdp executable. The vulnerability allows
an out-of-bounds read within a potentially privileged process. On
non-Debian platforms, xrdp tends to run as root. Potentially an
out-of-bounds write can follow the out-of-bounds read. There is no
denial-of-service impact, providing xrdp is running in forking mode.
(CVE-2023-42822)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | xrdp | 0 (affected), 0.9.23.1-1.mga9 (unaffected) | — |
Aliases
Browse GCVE Records
73,738 records in the GCVE database · Updated July 19, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.