A severe security vulnerability affecting GNOME Remote Desktop (CVE-2025-5024) has been discovered, allowing unauthenticated attackers to exhaust system resources and crash critical processes. The vulnerability, classified under CWE-400, has a CVSS score of 7.4 and affects Red Hat Enterprise Linux, Debian, and Ubuntu systems. The attack can lead to a persistent denial of service via resource exhaustion, disrupting remote desktop operations.
Source: https://cybersecuritynews.com/gnome-rdp-vulnerability/
TPRM report: https://scoringcyber.rankiteo.com/company/gnome-foundation
{
  "id": "gno138052625",
  "linkid": "gnome-foundation",
  "type": "Vulnerability",
  "date": "5/2025",
  "severity": "25",
  "impact": "1",
  "explanation": "Attack without any consequences"
}
{'affected_entities': [{'industry': 'Technology',
                        'name': 'Red Hat',
                        'type': 'Software Vendor'}],
 'attack_vector': 'Network-based exploitation with low complexity',
 'date_publicly_disclosed': '2025-05-21',
 'description': 'A severe security vulnerability affecting GNOME Remote '
                'Desktop has been discovered, allowing unauthenticated '
                'attackers to exhaust system resources and crash critical '
                'processes.',
 'impact': {'operational_impact': 'Persistent denial-of-service via resource '
                                  'exhaustion',
            'systems_affected': ['Red Hat Enterprise Linux versions 8, 9, 10',
                                 'Debian versions 11, 12, 13',
                                 'Ubuntu versions 25.04, 24.10, 24.04 LTS, '
                                 '22.04 LTS, 20.04 LTS']},
 'initial_access_broker': {'entry_point': 'RDP connections'},
 'motivation': 'Denial of Service',
 'post_incident_analysis': {'root_causes': 'Malformed RDP PDUs triggering '
                                           'excessive resource consumption'},
 'recommendations': ['Disable gnome-remote-desktop service until patches are '
                     'available',
                     'Implement firewall configurations to block port 3389',
                     'Use network segmentation and access control policies',
                     'Monitor for unusual resource consumption patterns'],
 'references': [{'source': 'Red Hat Security Advisory'}],
 'response': {'containment_measures': ['Disabling gnome-remote-desktop service '
                                       'using systemctl commands',
                                       'Blocking port 3389',
                                       'Network segmentation',
                                       'Access control policies'],
              'enhanced_monitoring': 'Monitor for unusual resource consumption '
                                     'patterns',
              'network_segmentation': 'Implement network segmentation'},
 'title': 'GNOME Remote Desktop Vulnerability (CVE-2025-5024)',
 'type': 'Uncontrolled Resource Consumption',
 'vulnerability_exploited': 'CWE-400'}