
Debian 10: DLA-3654-1 Critical: FreeRDP2 Authentication Bypass & DoS

Debian LTS
November 17, 2023

Summary

Multiple vulnerabilities have been found in freerdp2, a free implementation of
the Remote Desktop Protocol (RDP). The vulnerabilities potentially allow
authentication bypasses on configuration errors, buffer over-reads, DoS vectors,
buffer overflows, or accessing files outside of a shared directory.

CVE-2021-41160

In affected versions a malicious server might trigger out-of-bounds writes in a
connected client. Connections using GDI or SurfaceCommands to send graphics
updates to the client might send `0` width/height or out-of-bounds rectangles to
trigger out-of-bounds writes. With `0` width or height the memory allocation
will be `0` bytes, but the missing bounds checks still allow writing through the
pointer at this (not allocated) region.
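The defensive check this CVE calls for is to validate every server-supplied update rectangle against the client's own surface before allocating or writing anything. The following C code is an added illustration and is not FreeRDP's code: the `surface_t`, `update_rect_t`, `rect_fits_surface` and `apply_update` names are hypothetical, and the surface uses one byte per pixel to keep the copy loop short. It rejects zero-size rectangles outright and does the right/bottom edge arithmetic in 64 bits so a large `left` or `top` cannot wrap around the check.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical destination surface (constructed for this example). */
typedef struct {
    uint32_t width;
    uint32_t height;
} surface_t;

/* Hypothetical rectangle as a server might describe a graphics update. */
typedef struct {
    uint32_t left;
    uint32_t top;
    uint32_t width;
    uint32_t height;
} update_rect_t;

/* Returns true only if the rectangle is non-empty and lies entirely inside dst.
 * 64-bit arithmetic means left+width cannot wrap back inside the surface. */
bool rect_fits_surface(const surface_t *dst, const update_rect_t *r)
{
    if (dst == NULL || r == NULL)
        return false;
    if (r->width == 0 || r->height == 0)
        return false;                       /* zero-size: nothing to draw */
    uint64_t right  = (uint64_t)r->left + r->width;
    uint64_t bottom = (uint64_t)r->top  + r->height;
    return right <= dst->width && bottom <= dst->height;
}

/* Copies a pixel block (1 byte/pixel) into dst_pixels only after validation.
 * Returns the number of bytes written, or 0 when the update is rejected. */
size_t apply_update(uint8_t *dst_pixels, const surface_t *dst,
                    const update_rect_t *r, const uint8_t *src)
{
    if (dst_pixels == NULL || src == NULL || !rect_fits_surface(dst, r))
        return 0;
    size_t written = 0;
    for (uint32_t y = 0; y < r->height; y++) {
        size_t row = (size_t)(r->top + y) * dst->width + r->left;
        for (uint32_t x = 0; x < r->width; x++)
            dst_pixels[row + x] = src[(size_t)y * r->width + x];
        written += r->width;
    }
    return written;
}
```

The important property is that rejection happens before any allocation or write: a `0` width or height never reaches the copy loop, and a rectangle whose far edge exceeds the surface is dropped instead of writing past the buffer.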

CVE-2022-24883

Prior to version 2.7.0, server side authentication against a `SAM` file might
be successful for invalid credentials if the server has configured an invalid
`SAM` file path. FreeRDP based clients are not affected. RDP server
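The lesson of this CVE is that a credential store which cannot be opened must make authentication fail closed. The C code below is an added example, not FreeRDP's own authentication code: the `user:hexhash` file format, the `sam_authenticate`, `accept_login` and `write_sample_sam` names, and the sample entries are all constructed for the illustration. A missing or unreadable file yields `AUTH_ERROR`, an unknown user or wrong hash yields `AUTH_DENIED`, and the caller accepts a login only on `AUTH_OK`, so a misconfigured path can never turn into a successful login.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Outcome of a SAM lookup. Anything other than AUTH_OK is a failed login;
 * an unreadable file is an error, never an implicit success. */
typedef enum { AUTH_OK = 0, AUTH_DENIED = 1, AUTH_ERROR = 2 } auth_result_t;

/* Constant-time comparison so the hash check does not leak how many
 * leading characters matched. */
static bool ct_equal(const char *a, const char *b)
{
    size_t la = strlen(a), lb = strlen(b);
    if (la != lb)
        return false;
    unsigned char diff = 0;
    for (size_t i = 0; i < la; i++)
        diff |= (unsigned char)(a[i] ^ b[i]);
    return diff == 0;
}

/* Looks up `user` in a hypothetical "user:hexhash" file (constructed format,
 * not FreeRDP's SAM parser) and compares the presented hash. */
auth_result_t sam_authenticate(const char *sam_path, const char *user,
                               const char *presented_hash)
{
    FILE *f = fopen(sam_path, "r");
    if (f == NULL)
        return AUTH_ERROR;                /* misconfigured path: fail closed */

    char line[512];
    auth_result_t result = AUTH_DENIED;   /* unknown user stays denied */
    while (fgets(line, sizeof line, f) != NULL) {
        line[strcspn(line, "\r\n")] = '\0';
        char *sep = strchr(line, ':');
        if (sep == NULL)
            continue;                     /* malformed line: ignore */
        *sep = '\0';
        if (strcmp(line, user) == 0) {
            result = ct_equal(sep + 1, presented_hash) ? AUTH_OK : AUTH_DENIED;
            break;
        }
    }
    fclose(f);
    return result;
}

/* The single decision point: a session is accepted solely on AUTH_OK. */
bool accept_login(const char *sam_path, const char *user, const char *hash)
{
    return sam_authenticate(sam_path, user, hash) == AUTH_OK;
}

/* Writes a small constructed SAM file so the example runs offline. */
bool write_sample_sam(const char *path)
{
    FILE *f = fopen(path, "w");
    if (f == NULL)
        return false;
    fputs("alice:0123456789abcdef0123456789abcdef\n", f);
    fputs("bob:fedcba9876543210fedcba9876543210\n", f);
    return fclose(f) == 0;
}
```

Keeping the error and denied outcomes distinct also helps operations: an `AUTH_ERROR` on every login attempt is the signal that the configured path is wrong and should be alerted on, whereas a run of `AUTH_DENIED` is ordinary credential failure.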

Severity: critical

Package: freerdp2
Version: 2.3.0+dfsg1-2+deb10u4
CVE ID: CVE-2021-41160 CVE-2022-24883 CVE-2022-39282 CVE-2022-39283
Debian Bug: 1001062 1021659
