PT-2020-2557 · Freerdp+6 · Freerdp+6

Bmiklautz

Published

2020-04-09

Updated

2024-06-15

CVE-2020-11039

CVSS v3.1

8.0

High

Vector

AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 2.1.0

Description The issue is caused by an integer overflow in the implementation of the FreeRDP protocol, allowing a remote attacker to impact the confidentiality and integrity of protected information. When using a manipulated server with USB redirection enabled, nearly arbitrary memory can be read and written due to integer overflows in length checks.

Recommendations For versions prior to 2.1.0, update to version 2.1.0 or later to resolve the issue. As a temporary workaround, consider disabling USB redirection until a patch is available. Restrict access to the vulnerable FreeRDP protocol to minimize the risk of exploitation. Avoid using the vulnerable length checks function in the affected FreeRDP protocol until the issue is resolved.

Fix

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

ALSA-2020:4647

ALT-PU-2020-1941

ALT-PU-2020-1960

BDU:2020-02586

CESA-2020_4031

CESA-2020_4647

CVE-2020-11039

DLA-3606-1

GHSA-MX9P-F6Q8-MQWQ

MGASA-2020-0297

OPENSUSE-SU-2020:1090-1

OPENSUSE-SU-2020_1090-1

OPENSUSE-SU-2024:10768-1

RHSA-2020:4031

RHSA-2020:4647

RHSA-2020_4031

RHSA-2020_4647

RLSA-2020:4647

SUSE-SU-2020:2032-1

SUSE-SU-2020:2068-1

SUSE-SU-2020:2272-1

Affected Products

Alt Linux

Almalinux

Centos

Freerdp

Red Hat

Rocky Linux

Suse

PT-2020-2557 · Freerdp+6 · Freerdp+6

CVE-2020-11039

Weakness Enumeration

Related Identifiers

Affected Products

References · 212