vulnerability
Red Hat: CVE-2025-4478: gnome-remote-desktop: freerdp: Unauthenticated RDP Packet Causes Segfault in FreeRDP Leading to Denial of Service (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:M/Au:N/C:N/I:P/A:C) | May 13, 2025 | Jan 27, 2026 | Jan 27, 2026 |
Severity
8
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:C)
Published
May 13, 2025
Added
Jan 27, 2026
Modified
Jan 27, 2026
Description
A flaw was found in the FreeRDP used by Anaconda's remote install feature, where a crafted RDP packet could trigger a segmentation fault. This issue causes the service to crash and remain defunct, resulting in a denial of service. It occurs pre-boot and is likely due to a NULL pointer dereference. Rebooting is required to recover the system.
Solutions
redhat-upgrade-freerdpredhat-upgrade-freerdp-debuginforedhat-upgrade-freerdp-debugsourceredhat-upgrade-freerdp-develredhat-upgrade-freerdp-libsredhat-upgrade-freerdp-libs-debuginforedhat-upgrade-freerdp-serverredhat-upgrade-freerdp-server-debuginforedhat-upgrade-libwinprredhat-upgrade-libwinpr-debuginforedhat-upgrade-libwinpr-devel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.