Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2021-41160

Опубликовано: 21 окт. 2021
Источник: redhat
CVSS3: 8.8
EPSS Низкий

Описание

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server might trigger out of bound writes in a connected client. Connections using GDI or SurfaceCommands to send graphics updates to the client might send 0 width/height or out of bound rectangles to trigger out of bound writes. With 0 width or heigth the memory allocation will be 0 but the missing bounds checks allow writing to the pointer at this (not allocated) region. This issue has been patched in FreeRDP 2.4.1.

A flaw was found in the FreeRDP client where it fails to validate input data when using connections with GDI or SurfaceCommands. This flaw could allow a malicious server sending graphics updates to a client to cause an out of bounds write in client memory using a specially crafted input. The highest threat from this flaw is that it could allow arbitrary code to be executed on the target system.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6freerdpNot affected
Red Hat Enterprise Linux 9freerdpNot affected
Red Hat Enterprise Linux 7freerdpFixedRHSA-2021:461911.11.2021
Red Hat Enterprise Linux 8freerdpFixedRHSA-2021:462211.11.2021
Red Hat Enterprise Linux 8.1 Extended Update SupportfreerdpFixedRHSA-2021:462011.11.2021
Red Hat Enterprise Linux 8.2 Extended Update SupportfreerdpFixedRHSA-2021:462111.11.2021
Red Hat Enterprise Linux 8.4 Extended Update SupportfreerdpFixedRHSA-2021:462311.11.2021

Показывать по

Дополнительная информация

Статус:

Important
Дефект:
CWE-787
https://bugzilla.redhat.com/show_bug.cgi?id=2016412freerdp: improper region checks in all clients allow out of bound write to memory

EPSS

Процентиль: 32%
0.00122
Низкий

8.8 High

CVSS3

Связанные уязвимости

CVSS3: 5.3
ubuntu
почти 4 года назад

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server might trigger out of bound writes in a connected client. Connections using GDI or SurfaceCommands to send graphics updates to the client might send `0` width/height or out of bound rectangles to trigger out of bound writes. With `0` width or heigth the memory allocation will be `0` but the missing bounds checks allow writing to the pointer at this (not allocated) region. This issue has been patched in FreeRDP 2.4.1.

CVSS3: 5.3
nvd
почти 4 года назад

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server might trigger out of bound writes in a connected client. Connections using GDI or SurfaceCommands to send graphics updates to the client might send `0` width/height or out of bound rectangles to trigger out of bound writes. With `0` width or heigth the memory allocation will be `0` but the missing bounds checks allow writing to the pointer at this (not allocated) region. This issue has been patched in FreeRDP 2.4.1.

CVSS3: 5.3
debian
почти 4 года назад

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), ...

CVSS3: 8.8
fstec
почти 4 года назад

Уязвимость реализации протокола удалённого рабочего стола FreeRDP, связанная с записью за границами буфера, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

suse-cvrf
почти 3 года назад

Security update for freerdp

EPSS

Процентиль: 32%
0.00122
Низкий

8.8 High

CVSS3