Mageia: 2019-0041 Moderate: rdesktop Remote Code Execution Issues
mageia
January 18, 2019
rdesktop has been updated to fix multiple CVE's
Summary
rdesktop has been updated to fix multiple CVE's. Fix memory corruption in process_bitmap_data - CVE-2018-8794 Fix remote code execution in process_bitmap_data - CVE-2018-8795 Fix remote code execution in process_plane - CVE-2018-8797 Fix Denial of Service in mcs_recv_connect_response - CVE-2018-20175 Fix Denial of Service in mcs_parse_domain_params - CVE-2018-20175 Fix Denial of Service in sec_parse_crypt_info - CVE-2018-20176 Fix Denial of Service in sec_recv - CVE-2018-20176 Fix minor information leak in rdpdr_process - CVE-2018-8791 Fix Denial of Service in cssp_read_tsrequest - CVE-2018-8792 Fix remote code execution in cssp_read_tsrequest - CVE-2018-8793 Fix Denial of Service in process_bitmap_data - CVE-2018-8796 Fix minor information leak in rdpsnd_process_ping - CVE-2018-8798 Fix Denial of Service in process_secondary_order - CVE-2018-8799 Fix remote code execution in in ui_clip_handle_data - CVE-2018-8800 Fix major information leak in ui_clip_handle_data - CVE-2018-20174 Fi...
References
- https://bugs.mageia.org/show_bug.cgi?id=24192
- https://github.com/rdesktop/rdesktop/releases/tag/v1.8.4
- https://www.cve.org/CVERecord?id=CVE-2018-8794
- https://www.cve.org/CVERecord?id=CVE-2018-8795
- https://www.cve.org/CVERecord?id=CVE-2018-8797
- https://www.cve.org/CVERecord?id=CVE-2018-20175
- https://www.cve.org/CVERecord?id=CVE-2018-20175
- https://www.cve.org/CVERecord?id=CVE-2018-20176
- https://www.cve.org/CVERecord?id=CVE-2018-20176
- https://www.cve.org/CVERecord?id=CVE-2018-8791
- https://www.cve.org/CVERecord?id=CVE-2018-8792
- https://www.cve.org/CVERecord?id=CVE-2018-8793
- https://www.cve.org/CVERecord?id=CVE-2018-8796
- https://www.cve.org/CVERecord?id=CVE-2018-8798
- https://www.cve.org/CVERecord?id=CVE-2018-8799
- https://www.cve.org/CVERecord?id=CVE-2018-8800
- https://www.cve.org/CVERecord?id=CVE-2018-20174
- https://www.cve.org/CVERecord?id=CVE-2018-20177
- https://www.cve.org/CVERecord?id=CVE-2018-20178
- https://www.cve.org/CVERecord?id=CVE-2018-20179
- https://www.cve.org/CVERecord?id=CVE-2018-20180
- https://www.cve.org/CVERecord?id=CVE-2018-20181
- https://www.cve.org/CVERecord?id=CVE-2018-20182
Resolution
SRPMS
- 6/core/rdesktop-1.8.4-1.mga6
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Publication date: 18 Jan 2019
URL: https://advisories.mageia.org/MGASA-2019-0041.html
Type: security
CVE: CVE-2018-8794,
CVE-2018-8795,
CVE-2018-8797,
CVE-2018-20175,
CVE-2018-20175,
CVE-2018-20176,
CVE-2018-20176,
CVE-2018-8791,
CVE-2018-8792,
CVE-2018-8793,
CVE-2018-8796,
CVE-2018-8798,
CVE-2018-8799,
CVE-2018-8800,
CVE-2018-20174,
CVE-2018-20177,
CVE-2018-20178,
CVE-2018-20179,
CVE-2018-20180,
CVE-2018-20181,
CVE-2018-20182
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!