CVE-2025-5024: 
Rocky Linux vulnerability analysis and mitigation

A vulnerability (CVE-2025-5024) was discovered in gnome-remote-desktop that allows an unauthenticated attacker to exhaust system resources when the service is listening for RDP connections. The vulnerability was disclosed on May 21, 2025, and affects various versions of gnome-remote-desktop across multiple Linux distributions including Red Hat Enterprise Linux 8, 9, and 10 (Red Hat XML).

The vulnerability is classified as CWE-400 (Uncontrolled Resource Consumption) with a CVSS v3.1 base score of 7.4 (HIGH). The attack vector is network-based (AV:N) with low attack complexity (AC:L), requiring no privileges (PR:N) but user interaction (UI:R), and has a changed scope (S:C) with high availability impact (A:H) but no confidentiality or integrity impact (C:N, I:N) (NVD).

When exploited, the vulnerability causes excessive consumption of system file descriptors leading to denial of service. After multiple attacks, the service becomes unable to open files even after systemd-initiated restarts. The impact is considered moderate because successful exploitation requires the gnome-remote-desktop service to be actively configured and running in RDP mode, which is not enabled by default in most deployments (Red Hat XML).

As of the vulnerability disclosure, no official mitigation options are available that meet Red Hat Product Security criteria for ease of use, deployment, and applicability to widespread installation base or stability (Red Hat XML).