CVE-2022-23484: 
xrdp vulnerability analysis and mitigation

xrdp, an open source project providing graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP), was found to contain an Integer Overflow vulnerability in versions prior to v0.9.21. The vulnerability specifically affects the xrdpmmprocessrailupdatewindowtext() function. This security issue was assigned CVE-2022-23484 and was publicly disclosed on December 9, 2022 (NVD, GitHub Advisory).

The vulnerability has been assigned a CVSS v3.1 base score of 9.8 (Critical) by NIST with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating a network-accessible vulnerability with low attack complexity requiring no privileges or user interaction. GitHub's assessment assigned a slightly lower CVSS score of 8.2 (High) with vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H. The vulnerability is classified as CWE-190 (Integer Overflow or Wraparound) (NVD).

The Integer Overflow vulnerability could lead to out-of-bounds reads, potentially allowing attackers to crash the program or extract sensitive information. This affects the security of remote desktop sessions managed by xrdp (Ubuntu Security).

There are no known workarounds for this vulnerability. Users are advised to upgrade to xrdp version 0.9.21 or later. Various Linux distributions have released patched versions: Ubuntu has provided fixes for versions 18.04 LTS, 20.04 LTS, and 22.04 LTS, while Debian has addressed the issue in version 0.9.21.1-1~deb11u1 for the bullseye release (Debian Security, Ubuntu Security).