PT-2020-5657 · Freerdp+8

Bmiklautz · Published 2020-07-21 · Updated 2024-06-15 · CVE-2020-15103

CVSS v3.1: 3.5 (Low)
Vector: AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
Name of the Vulnerable Software and Affected Versions: FreeRDP versions prior to 2.2.0

Description: The issue is an integer overflow in the rdpegfx channel caused by missing input sanitization. A malicious server can send data that later crashes the client by supplying invalid length arguments to a memcpy call. All FreeRDP clients are affected. A remote attacker can exploit the vulnerability to cause a denial of service.

Recommendations: For versions prior to 2.2.0, as a temporary workaround, stop using the command line arguments /gfx, /gfx-h264, and /network:auto until a patch is available. Update to version 2.2.0 or later to resolve the issue.
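As an added illustration (not FreeRDP code and not the real rdpegfx parser), the check pattern the description refers to: a 32-bit offset-plus-length comparison that wraps for a large server-supplied length and lets it reach memcpy, next to the hardened form that compares against the bytes remaining. The stream_t type, parse_block and the byte samples are hypothetical and constructed for this example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical stream shape (not FreeRDP's own types). */
typedef struct { const uint8_t *buf; uint32_t total; uint32_t pos; } stream_t;

static uint32_t read_u32_le(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Bug pattern: pos + len wraps in 32-bit arithmetic, so a huge
 * peer-supplied length passes the check and reaches memcpy unbounded. */
bool length_check_overflowing(const stream_t *s, uint32_t len) {
    return s->pos + len <= s->total;
}

/* Hardened check: compare against the bytes remaining, never form the sum. */
bool length_check_safe(const stream_t *s, uint32_t len) {
    if (s->pos > s->total) return false;
    return len <= s->total - s->pos;
}

/* Parse one [u32 LE length][payload] block into dst using the safe check.
 * Returns the payload length, or -1 if the block is truncated or oversized. */
int parse_block(const uint8_t *buf, uint32_t buflen, uint8_t *dst, uint32_t dstlen) {
    stream_t s = { buf, buflen, 0 };
    if (!length_check_safe(&s, 4)) return -1;
    uint32_t len = read_u32_le(buf);
    s.pos += 4;
    if (!length_check_safe(&s, len) || len > dstlen) return -1;
    memcpy(dst, buf + s.pos, len);
    return (int)len;
}

/* Constructed inputs: a well-formed 5-byte block, and a hostile header whose
 * length field 0xFFFFFFFF wraps the naive sum (offset 4) to 3, below total 5. */
static const uint8_t GOOD[]    = { 5, 0, 0, 0, 'h', 'e', 'l', 'l', 'o' };
static const uint8_t HOSTILE[] = { 0xff, 0xff, 0xff, 0xff, 'x' };

bool naive_check_accepts_hostile(void) {   /* true: the bug */
    stream_t s = { HOSTILE, sizeof HOSTILE, 4 };
    return length_check_overflowing(&s, read_u32_le(HOSTILE));
}
bool safe_check_rejects_hostile(void) {    /* true: the fix holds */
    stream_t s = { HOSTILE, sizeof HOSTILE, 4 };
    return !length_check_safe(&s, read_u32_le(HOSTILE));
}
int parse_good_len(void) {                 /* 5 on success, -2 if bytes are wrong */
    uint8_t out[16];
    int n = parse_block(GOOD, sizeof GOOD, out, sizeof out);
    return (n == 5 && memcmp(out, "hello", 5) == 0) ? n : -2;
}
int parse_hostile_len(void) { uint8_t out[16]; return parse_block(HOSTILE, sizeof HOSTILE, out, sizeof out); }
```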

Fix · Integer Overflow · RCE


Weakness Enumeration

Related Identifiers

ALSA-2021:1849
ALT-PU-2020-2426
ALT-PU-2020-2442
BDU:2021-01409
CESA-2021_1849
CVE-2020-15103
DLA-3606-1
GHSA-4R38-6HQ7-J3J9
OESA-2023-1719
OPENSUSE-SU-2020:1332-1
OPENSUSE-SU-2020_1332-1
OPENSUSE-SU-2024:10768-1
RHSA-2021:1849
RHSA-2021_1849
RLSA-2021:1849
SUSE-SU-2020:2272-1
SUSE-SU-2020:2408-1
SUSE-SU-2020:2409-1
USN-4481-1

Affected Products

Alt Linux
Almalinux
Centos
Freerdp
Linuxmint
Red Hat
Rocky Linux
Suse
Ubuntu