GNOME Remote Desktop Uncontrolled Resource Consumption Vulnerability Allowing Denial-of-Service

Vulnerability

A vulnerability in GNOME Remote Desktop has been identified, which allows an unauthenticated attacker to exhaust system resources and repeatedly crash the process when it is listening for RDP connections. This issue may also cause a resource leak, preventing GNOME Remote Desktop from opening files even after the service is restarted via systemd. The vulnerability arises from improper handling of malformed RDP packets, leading to excessive consumption of file descriptors and causing the service to fail.

Impact

Exploitation of this vulnerability causes a denial-of-service condition by crashing the GNOME Remote Desktop process and exhausting system resources, particularly file descriptors. This disruption can prevent legitimate users from accessing the service and may lead to a broader slowdown of the system.
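A defender-side check for the failure mode described above, added here as an example and not part of the advisory or of GNOME Remote Desktop itself: it scans systemd journal lines for a crash loop of the gnome-remote-desktop unit and evaluates file-descriptor pressure on the running process against the limit reported in /proc/<pid>/limits. The unit name, the journal wording and all sample lines are assumptions or constructed data, not captured output from an affected host.

```python
"""Crash-loop and file-descriptor pressure check for gnome-remote-desktop.

Added example, not GNOME project code. Assumptions: the service runs as the
systemd unit gnome-remote-desktop.service and systemd logs "Main process
exited" on each crash. All sample data below is constructed for the example.
"""
import os
import re
from datetime import datetime, timedelta

UNIT = "gnome-remote-desktop.service"  # assumed unit name

# Constructed journal excerpt: three crashes within seconds, one much later.
SAMPLE_JOURNAL = """\
Sep 01 19:00:01 host systemd[1]: gnome-remote-desktop.service: Main process exited, code=dumped, status=6/ABRT
Sep 01 19:00:01 host systemd[1]: gnome-remote-desktop.service: Scheduled restart job, restart counter is at 1.
Sep 01 19:00:07 host systemd[1]: gnome-remote-desktop.service: Main process exited, code=dumped, status=6/ABRT
Sep 01 19:00:07 host systemd[1]: gnome-remote-desktop.service: Scheduled restart job, restart counter is at 2.
Sep 01 19:00:12 host systemd[1]: gnome-remote-desktop.service: Main process exited, code=dumped, status=6/ABRT
Sep 01 19:00:12 host systemd[1]: gnome-remote-desktop.service: Scheduled restart job, restart counter is at 3.
Sep 01 19:30:00 host systemd[1]: gnome-remote-desktop.service: Main process exited, code=dumped, status=6/ABRT
"""

# Constructed /proc/<pid>/limits line in the kernel's layout (soft, hard, unit).
SAMPLE_LIMITS = "Max open files            1024                 524288               files\n"

CRASH_RE = re.compile(
    r"^(\w{3} \d{2} \d{2}:\d{2}:\d{2}) \S+ systemd\[\d+\]: (\S+): Main process exited"
)
NOFILE_RE = re.compile(r"^Max open files\s+(\d+)\s+(\d+)", re.MULTILINE)


def parse_crashes(lines, unit=UNIT):
    """Return the timestamps of every 'Main process exited' event for unit."""
    times = []
    for line in lines:
        m = CRASH_RE.match(line)
        if m and m.group(2) == unit:
            # Journal short format carries no year; deltas are all we need.
            times.append(datetime.strptime(m.group(1), "%b %d %H:%M:%S"))
    return times


def max_crashes_in_window(times, window=timedelta(minutes=5)):
    """Largest number of crashes that fall inside any single window."""
    times = sorted(times)
    best, start = 0, 0
    for end, t in enumerate(times):
        while t - times[start] > window:
            start += 1
        best = max(best, end - start + 1)
    return best


def is_crash_loop(times, window=timedelta(minutes=5), threshold=3):
    """True when at least `threshold` crashes occur within one window."""
    return max_crashes_in_window(times, window) >= threshold


def parse_nofile_limit(limits_text):
    """Extract (soft, hard) RLIMIT_NOFILE from /proc/<pid>/limits content."""
    m = NOFILE_RE.search(limits_text)
    if not m:
        raise ValueError("no 'Max open files' line found")
    return int(m.group(1)), int(m.group(2))


def fd_pressure(open_fds, soft_limit, ratio=0.8):
    """True when the process has used `ratio` or more of its soft fd limit."""
    return open_fds >= soft_limit * ratio


def check_live_process(pid):
    """Read the real /proc entries for a running pid (Linux only)."""
    open_fds = len(os.listdir(f"/proc/{pid}/fd"))
    with open(f"/proc/{pid}/limits") as fh:
        soft, _hard = parse_nofile_limit(fh.read())
    return open_fds, soft, fd_pressure(open_fds, soft)


if __name__ == "__main__":
    crashes = parse_crashes(SAMPLE_JOURNAL.splitlines())
    print("crash loop:", is_crash_loop(crashes))
    soft, hard = parse_nofile_limit(SAMPLE_LIMITS)
    print("fd pressure at 900 open fds:", fd_pressure(900, soft))
```

On a live host the same functions can be fed `journalctl -u gnome-remote-desktop.service` output and the pid of the running service; a crash loop together with the process sitting near its soft descriptor limit is the pattern the advisory describes, and either signal on its own is worth an alert while the update is rolled out.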

Reproduction

To reproduce this vulnerability, activate the GNOME Remote Desktop service in RDP mode, which is not the default configuration. Once the service is running, an attacker can use an RDP fuzzer to send malformed RDP packets at a high rate, causing the service to consume excessive resources and eventually crash. This can be done by targeting the RDP socket with a tool that simulates RDP connections and sends crafted data that exploits the resource handling flaw.

Remediation

Users can update to the latest version of GNOME Remote Desktop, which includes a fix for this vulnerability. Instructions for applying the update are available on the Red Hat Customer Portal.

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 7.7
remediation: 0.0
relevance: 0.0
threat: 1.6
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.