Out-of-bounds read in xrdp - CVE-2026-44978
Published: July 1, 2026
xrdp
Detailed vulnerability description
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to an out-of-bounds read in the FIPS-specific receive paths when processing a crafted FIPS-protected PDU. A remote attacker can send such a PDU to cause a denial of service.
The issue is only exploitable when the security layer is set to security_layer=negotiate or security_layer=rdp and the crypto level is set to crypt_level=fips. Because xrdp forks a new process for each connection by default, a crash is unlikely to bring down the entire service.
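The exposure conditions above are a property of the local xrdp configuration, so a defender's first check is whether a given host actually runs the affected combination. The following script is an added example written for this page, not code from xrdp or from the advisory. It assumes the standard xrdp.ini layout in which security_layer, crypt_level and fork live in the [Globals] section (the key names are the ones the advisory and xrdp's configuration use; treating them as [Globals] entries is an assumption of this example), and the sample configurations embedded in it are constructed for illustration.

```python
import configparser

# Combination the advisory names as exploitable.
AFFECTED_SECURITY_LAYERS = {"negotiate", "rdp"}
AFFECTED_CRYPT_LEVEL = "fips"

# Constructed sample configurations (not taken from any real host).
VULNERABLE_INI = """
[Globals]
security_layer=negotiate
crypt_level=fips
fork=true
[Xorg]
name=Xorg
"""

TLS_ONLY_INI = """
[Globals]
security_layer=tls
crypt_level=fips
fork=true
"""

NO_FORK_INI = """
[Globals]
security_layer=rdp
crypt_level=fips
fork=false
"""


def parse_globals(ini_text: str) -> dict:
    """Return the [Globals] section as a dict with lower-cased keys and values.

    interpolation=None avoids treating '%' in values as a substitution,
    strict=False tolerates duplicate sections that hand-edited files sometimes carry.
    """
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    parser.read_string(ini_text)
    if not parser.has_section("Globals"):
        return {}
    return {key.lower(): value.strip().lower() for key, value in parser.items("Globals")}


def assess(ini_text: str) -> dict:
    """Classify an xrdp.ini against the conditions stated in the advisory.

    exposed: the security_layer/crypt_level pair the advisory names is active.
    whole_service_at_risk: exposed AND per-connection forking is disabled, so a
    crash would take down the listener rather than one connection handler.
    """
    globals_section = parse_globals(ini_text)
    security_layer = globals_section.get("security_layer", "")
    crypt_level = globals_section.get("crypt_level", "")
    # xrdp forks per connection by default; the 'fork' key name is assumed here.
    per_connection_fork = globals_section.get("fork", "true") in ("true", "yes", "1")
    exposed = security_layer in AFFECTED_SECURITY_LAYERS and crypt_level == AFFECTED_CRYPT_LEVEL
    return {
        "security_layer": security_layer,
        "crypt_level": crypt_level,
        "per_connection_fork": per_connection_fork,
        "exposed": exposed,
        "whole_service_at_risk": exposed and not per_connection_fork,
    }


def assess_file(path: str) -> dict:
    """Convenience wrapper for a real xrdp.ini on disk (e.g. /etc/xrdp/xrdp.ini)."""
    with open(path, encoding="utf-8", errors="replace") as handle:
        return assess(handle.read())


if __name__ == "__main__":
    for label, sample in (("vulnerable", VULNERABLE_INI),
                          ("tls-only", TLS_ONLY_INI),
                          ("no-fork", NO_FORK_INI)):
        print(label, assess(sample))
```

Point assess_file at the host's xrdp.ini to get the same verdict for a real deployment; a result with exposed set to True means the host runs the combination the advisory describes and should be patched, while whole_service_at_risk flags the narrower case where a single crash would affect all sessions.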