CVE-2022-23493: 
xrdp vulnerability analysis and mitigation

xrdp, an open source project providing graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP), was found to contain a critical Out-of-Bounds Read vulnerability in versions prior to v0.9.21. The vulnerability specifically affects the xrdp_mm_trans_process_drdynvc_channel_close() function. This security issue was assigned CVE-2022-23493 and received a CVSS v3.1 base score of 9.1 (Critical) (NVD, GitHub Advisory).

The vulnerability is classified as an Out-of-Bounds Read (CWE-125) issue in the xrdp_mm_trans_process_drdynvc_channel_close() function. The severity assessment indicates a Critical rating with a CVSS v3.1 base score of 9.1, characterized by the following vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H. This indicates that the vulnerability is network-accessible, requires low attack complexity, needs no privileges or user interaction, and can result in high impacts to both confidentiality and availability (GitHub Advisory).

The vulnerability could allow an attacker to crash the program or extract sensitive information. The high CVSS score reflects the potential for significant impact, particularly in terms of confidentiality and availability. The vulnerability affects multiple Linux distributions including Ubuntu 20.04 LTS and Ubuntu 22.04 LTS (Ubuntu Notice).

The primary mitigation is to upgrade to xrdp version 0.9.21 or later. There are no known workarounds for this issue, and users are strongly advised to upgrade their installations. Various Linux distributions have released security updates to address this vulnerability, including Debian which fixed the issue in version 0.9.21.1-1~deb11u1 for the oldstable distribution (bullseye) (Debian Advisory).