CVE-2022-23479: 
xrdp vulnerability analysis and mitigation

xrdp, an open source project that provides graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP), was found to contain a critical buffer overflow vulnerability in versions prior to 0.9.21. The vulnerability, identified as CVE-2022-23479, was discovered in the xrdpmmchandatain() function and was disclosed on December 9, 2022 (GitHub Advisory).

The vulnerability has been assigned a CVSS v3.1 base score of 9.1 (Critical), with the following metrics: Attack Vector: Network, Attack Complexity: Low, Privileges Required: None, User Interaction: None, Scope: Unchanged, Confidentiality: None, Integrity: High, Availability: High. The vulnerability manifests as a buffer overflow condition in the xrdpmmchandatain() function (GitHub Advisory).

The vulnerability could lead to out-of-bounds reads, potentially allowing attackers to crash the program or extract sensitive information. The high integrity and availability impact scores indicate that successful exploitation could result in significant system compromise (Ubuntu Notice).

The vulnerability has been fixed in xrdp version 0.9.21. Various Linux distributions have released security updates to address this issue: Ubuntu has released updates for versions 14.04 through 22.04, Debian has patched the vulnerability in version 0.9.21.1-1~deb11u1 for the oldstable distribution (bullseye) (Debian Advisory, Ubuntu Notice).