RDesktop version 1.8.4 contains multiple out-of-bound access read vulnerabilities in its code, which results in a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. These issues have been fixed in version 1.8.5 Reference: https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/10/30/klcert-19-032-denial-of-service-in-rdesktop-before-1-8-4/
All supported Fedora versions already have rdesktop 1.8.6.
Upstream commit: https://github.com/rdesktop/rdesktop/commit/82fce18311a744fe59b2ce9ce3a5451fbdb7c8f9
External References: https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/10/30/klcert-19-032-denial-of-service-in-rdesktop-before-1-8-4/
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-15682