Unrated severity · OSV Advisory · Published May 16, 2025 · Updated Jan 21, 2026
Gnome-remote-desktop: freerdp: unauthenticated rdp packet causes segfault in freerdp leading to denial of service
CVE-2025-4478
Description
A flaw was found in the FreeRDP used by Anaconda's remote install feature, where a crafted RDP packet could trigger a segmentation fault. This issue causes the service to crash and remain defunct, resulting in a denial of service. It occurs pre-boot and is likely due to a NULL pointer dereference. Rebooting is required to recover the system.
Affected products
- osv-coords (18 versions), range: < 0 + 17 more
  - pkg:apk/chainguard/freerdp
  - pkg:apk/chainguard/freerdp-dev
  - pkg:apk/chainguard/freerdp-doc
  - pkg:apk/chainguard/freerdp-libs
  - pkg:apk/wolfi/freerdp
  - pkg:apk/wolfi/freerdp-dev
  - pkg:apk/wolfi/freerdp-doc
  - pkg:apk/wolfi/freerdp-libs
  - pkg:rpm/almalinux/freerdp
  - pkg:rpm/almalinux/freerdp-devel
  - pkg:rpm/almalinux/freerdp-libs
  - pkg:rpm/almalinux/freerdp-server
  - pkg:rpm/almalinux/libwinpr
  - pkg:rpm/almalinux/libwinpr-devel
  - pkg:rpm/opensuse/freerdp&distro=openSUSE%20Leap%2016.0
  - pkg:rpm/opensuse/freerdp&distro=openSUSE%20Tumbleweed
  - pkg:rpm/suse/freerdp&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7
  - pkg:rpm/suse/freerdp&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP7
- (no CPE) range: < 0
- (no CPE) range: < 0
- (no CPE) range: < 0
- (no CPE) range: < 0
- (no CPE) range: < 0
- (no CPE) range: < 0
- (no CPE) range: < 0
- (no CPE) range: < 0
- (no CPE) range: < 2:3.10.3-3.el10_0
- (no CPE) range: < 2:3.10.3-3.el10_0
- (no CPE) range: < 2:3.10.3-3.el10_0
- (no CPE) range: < 2:3.10.3-3.el10_0
- (no CPE) range: < 2:3.10.3-3.el10_0
- (no CPE) range: < 2:3.10.3-3.el10_0
- (no CPE) range: < 3.22.0-160000.1.1
- (no CPE) range: < 3.21.0-2.1
- (no CPE) range: < 3.10.3-150700.3.3.1
- (no CPE) range: < 3.10.3-150700.3.3.1
References
- access.redhat.com/errata/RHSA-2025:9307 (mitre; vendor-advisory; x_refsource_REDHAT)
- access.redhat.com/security/cve/CVE-2025-4478 (mitre; vdb-entry; x_refsource_REDHAT)
- bugzilla.redhat.com/show_bug.cgi (mitre; issue-tracking; x_refsource_REDHAT)
- github.com/FreeRDP/FreeRDP/pull/11573 (mitre)