Описание
FreeRDP is a free remote desktop protocol library and clients. All FreeRDP based clients when using the `/video` command line switch might read uninitialized data, decode it as audio/video and display the result. FreeRDP based server implementations are not affected. This issue has been patched in version 2.8.1. If you cannot upgrade do not use the `/video` switch.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| freerdp2 | fixed | 2.8.1+dfsg1-1 | package |
Примечания
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6cf9-3328-qrvh
patch likely: https://github.com/FreeRDP/FreeRDP/commit/be793c3bb776c1bbda9156b427408d5a5eb00f70 (not confirmed by upstream)
Связанные уязвимости
FreeRDP is a free remote desktop protocol library and clients. All FreeRDP based clients when using the `/video` command line switch might read uninitialized data, decode it as audio/video and display the result. FreeRDP based server implementations are not affected. This issue has been patched in version 2.8.1. If you cannot upgrade do not use the `/video` switch.
FreeRDP is a free remote desktop protocol library and clients. All FreeRDP based clients when using the `/video` command line switch might read uninitialized data, decode it as audio/video and display the result. FreeRDP based server implementations are not affected. This issue has been patched in version 2.8.1. If you cannot upgrade do not use the `/video` switch.
FreeRDP is a free remote desktop protocol library and clients. All FreeRDP based clients when using the `/video` command line switch might read uninitialized data, decode it as audio/video and display the result. FreeRDP based server implementations are not affected. This issue has been patched in version 2.8.1. If you cannot upgrade do not use the `/video` switch.
Уязвимость RDP-клиента FreeRDP, связанная с выходом операции за границы буфера в памяти, позволяющая нарушителю получить доступ на чтение, изменение или удаление аудио/видео данных
