Описание
In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in rfx_process_message_tileset. Invalid data fed to RFX decoder results in garbage on screen (as colors). This has been patched in 2.1.0.
Меры по смягчению последствий
To mitigate this flaw, do not use /rfx, /gfx or /network:auto command line options in the freerdp client.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | freerdp | Out of support scope | ||
| Red Hat Enterprise Linux 7 | freerdp | Fixed | RHSA-2020:4031 | 29.09.2020 |
| Red Hat Enterprise Linux 8 | freerdp | Fixed | RHSA-2020:4647 | 04.11.2020 |
| Red Hat Enterprise Linux 8 | vinagre | Fixed | RHSA-2020:4647 | 04.11.2020 |
Показывать по
Дополнительная информация
Статус:
2.7 Low
CVSS3
Связанные уязвимости
In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in rfx_process_message_tileset. Invalid data fed to RFX decoder results in garbage on screen (as colors). This has been patched in 2.1.0.
In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in rfx_process_message_tileset. Invalid data fed to RFX decoder results in garbage on screen (as colors). This has been patched in 2.1.0.
In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read ...
Уязвимость функции rfx_process_message_tileset реализации протокола удалённого рабочего стола FreeRDP, позволяющая нарушителю вызвать отказ в обслуживании
Moderate: freerdp and vinagre security, bug fix, and enhancement update
2.7 Low
CVSS3