SUSE: 2020:2272-1 Important: Freerdp Denial Of Service Fix
suse
August 18, 2020
An update that fixes 46 vulnerabilities is now available
Summary
This update for freerdp fixes the following issues: freerdp was updated to version 2.1.2 (bsc#1171441,bsc#1173247 and jsc#ECO-2006): - CVE-2020-11017: Fixed a double free which could have denied the server's service. - CVE-2020-11018: Fixed an out of bounds read which a malicious clients could have triggered. - CVE-2020-11019: Fixed an issue which could have led to denial of service if logger was set to "WLOG_TRACE". - CVE-2020-11038: Fixed a buffer overflow when /video redirection was used. - CVE-2020-11039: Fixed an issue which could have allowed arbitrary memory read and write when USB redirection was enabled. - CVE-2020-11040: Fixed an out of bounds data read in clear_decompress_subcode_rlex. - CVE-2020-11041: Fixed an issue with the configuration for sound backend
Topics Covered
References
#1004108 #1050699 #1050704 #1050708 #1050711
#1050712 #1050714 #1085416 #1087240 #1090677
#1103557 #1104918 #1112028 #1116708 #1117963
#1117964 #1117965 #1117966 #1117967 #1120507
#1129193 #1169679 #1169748 #1171441 #1171443
#1171444 #1171445 #1171446 #1171447 #1171674
#1173247 #1173605 #1174200 #1174321
Cross- CVE-2017-2834 CVE-2017-2835 CVE-2017-2836
CVE-2017-2837 CVE-2017-2838 CVE-2017-2839
CVE-2018-0886 CVE-2018-1000852 CVE-2018-8784
CVE-2018-8785 CVE-2018-8786 CVE-2018-8787
CVE-2018-8788 CVE-2018-8789 CVE-2020-11017
CVE-2020-11018 CVE-2020-11019 CVE-2020-11038
CVE-2020-11039 CVE-2020-11040 CVE-2020-11041
CVE-2020-11043 CVE-2020-11085 CVE-2020-11086
CVE-2020-11087 CVE-2020-11088 CVE-2020-11089
...
Read the Full Advisory
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: SUSE-SU-2020:2272-1
Rating: important
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!