Debian LTS: DLA-2356-1 Critical: FreeRDP Denial Of Service

Debian LTS, August 29, 2020
Several vulnerabilities have been reported against FreeRDP, an open source server and client implementation of the Microsoft RDP protocol.

Summary

An integer overflow in the license_read_scope_list function in
libfreerdp/core/license.c in FreeRDP allowed remote RDP
servers to cause a denial of service (application crash) or possibly
have unspecified other impact via a large ScopeCount value in a Scope
List in a Server License Request packet.

CVE-2020-11042

In FreeRDP there was an out-of-bounds read in update_read_icon_info.
It allowed reading an attacker-defined amount of client memory (32-bit
unsigned -> 4GB) into an intermediate buffer. This could have been used
to crash the client or to store information for later retrieval.

CVE-2020-11045

In FreeRDP there was an out-of-bounds read in update_read_bitmap_data
that allowed client memory to be read into an image buffer. The result
was displayed on screen as colour.

CVE-2020-11046

In FreeRDP there was a stream out-of-bounds seek in
update_read_synchronize that could have led to a later out-of-bounds
read.

CVE-2020-11048
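
The defects summarised above share one root cause: a count or length taken from the packet (the ScopeCount of a Scope List, the 32-bit size passed to update_read_icon_info) is trusted before it is checked against the bytes actually received. The C below is an added, illustrative example and not FreeRDP's code: a hypothetical scope-list parser (stream_t, read_u32, parse_scope_list and the max_entries cap are all assumed names and layout) that bounds the count and every entry length against the remaining stream before any allocation or copy, so an oversized field is rejected instead of wrapping an allocation or driving an over-read.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Read-only cursor over one received packet (illustrative, not FreeRDP's wStream). */
typedef struct { const uint8_t *p; size_t len; size_t pos; } stream_t;

static size_t stream_remaining(const stream_t *s) { return s->len - s->pos; }

/* Little-endian u32 read that refuses to run past the end of the packet. */
static bool read_u32(stream_t *s, uint32_t *out) {
    if (stream_remaining(s) < 4) return false;
    const uint8_t *b = s->p + s->pos;
    *out = (uint32_t)b[0] | ((uint32_t)b[1] << 8) | ((uint32_t)b[2] << 16) | ((uint32_t)b[3] << 24);
    s->pos += 4;
    return true;
}

/* Hypothetical scope-list layout: u32 ScopeCount, then ScopeCount entries, each a
 * u32 length followed by that many bytes.  Returns the number of entries parsed,
 * or -1 if the packet is malformed.  max_entries is an added sanity cap. */
int parse_scope_list(const uint8_t *pkt, size_t pkt_len, uint32_t max_entries) {
    stream_t s = { pkt, pkt_len, 0 };
    uint32_t count;
    if (!read_u32(&s, &count)) return -1;
    /* Bound the count by what the packet can physically hold (>= 4 bytes per entry)
     * before any count * sizeof(entry) arithmetic, so the multiplication cannot wrap. */
    if (count > max_entries || count > stream_remaining(&s) / 4) return -1;
    for (uint32_t i = 0; i < count; i++) {
        uint32_t blen;
        if (!read_u32(&s, &blen)) return -1;
        /* An attacker-chosen 32-bit length must never exceed the bytes actually received. */
        if (blen > stream_remaining(&s)) return -1;
        s.pos += blen;
    }
    return (int)count;
}

/* Constructed sample packets (not captured traffic): a well-formed list with two
 * entries, a ScopeCount of 0xFFFFFFFF, and an entry length of 0xFFFFFFFF. */
const uint8_t PKT_OK[]         = { 2,0,0,0,  3,0,0,0,'a','b','c',  1,0,0,0,'x' };
const uint8_t PKT_HUGE_COUNT[] = { 0xFF,0xFF,0xFF,0xFF,  3,0,0,0,'a','b','c' };
const uint8_t PKT_HUGE_LEN[]   = { 1,0,0,0,  0xFF,0xFF,0xFF,0xFF,'a' };
```

parse_scope_list returns 2 for PKT_OK and -1 for both malformed packets; truncating PKT_OK to fewer bytes than its entries need is rejected the same way.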


Severity: Critical

Package: freerdp
Version: 1.1.0~git20140921.1.440916e+dfsg1-13+deb9u4
CVE ID: CVE-2014-0791 CVE-2020-11042 CVE-2020-11045 CVE-2020-11046
