NIXPKGS-2026-1185

GitHub issue published on

Permalink CVE-2026-32107

8.8 HIGH

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): CHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

updated 1 week, 3 days ago by @LeSuisse Activity log

Created suggestion 1 week, 4 days ago
@LeSuisse ignored package pulseaudio-module-xrdp 1 week, 3 days ago
@LeSuisse accepted 1 week, 3 days ago
@LeSuisse published on GitHub 1 week, 3 days ago

xrdp: Fail-open privilege drop in sesexec — child processes may execute as root if setuid fails

xrdp is an open source RDP server. In versions through 0.10.5, the session execution component did not properly handle an error during the privilege drop process. This improper privilege management could allow an authenticated local attacker to escalate privileges to root and execute arbitrary code on the system. An additional exploit would be needed to facilitate this. This issue has been fixed in version 0.10.6.

References

https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-p5m6-7m43-pjv9 x_refsource_CONFIRM

Ignored references (1)

https://github.com/neutrinolabs/xrdp/releases/tag/v0.10.6 x_refsource_MISC

Affected products

xrdp

==< 0.10.6

Matching in nixpkgs

pkgs.xrdp

Open source RDP server

nixos-unstable 0.10.4.1
- nixpkgs-unstable 0.10.4.1
- nixos-unstable-small 0.10.4.1
nixos-25.11 0.10.4.1
- nixos-25.11-small 0.10.4.1
- nixpkgs-25.11-darwin 0.10.4.1

Ignored packages (1)

pkgs.pulseaudio-module-xrdp

xrdp sink/source pulseaudio modules

nixos-unstable 0.8
- nixpkgs-unstable 0.8
- nixos-unstable-small 0.8
nixos-25.11 0.8
- nixos-25.11-small 0.8
- nixpkgs-25.11-darwin 0.8

Package maintainers

@chvp Charlotte Van Petegem <nixpkgs@cvpetegem.be>
@lucasew Lucas Eduardo Wendt <lucas59356@gmail.com>