Advisories » MGASA-2026-0037

Updated xrdp packages fix security vulnerability

Publication date: 11 Feb 2026
Modification date: 11 Feb 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-68670

Description

xrdp improperly checks bounds of domain string length, which leads to
Stack-based Buffer Overflow. (CVE-2025-68670)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=35111
• https://lists.debian.org/debian-security-announce/2026/msg00032.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68670

SRPMS

9/core

• xrdp-0.9.23.1-1.2.mga9