PT-2022-5608 · Freerdp+10 · Freerdp+10

Published

2022-11-16

Updated

2025-02-27

CVE-2022-39320

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 2.9.0

Description The issue is related to the FreeRDP implementation of the remote desktop protocol, where an attempt to add integers to too narrow types leads to the allocation of a buffer that is too small to hold the data written. This can allow a remote attacker to read out of bound data and send it back to the server. A malicious server can trick a FreeRDP-based client into reading out of bound data.

Recommendations For versions prior to 2.9.0, upgrade to version 2.9.0 to address the issue. As a temporary workaround for users unable to upgrade, do not use the /usb redirection switch.

Exploit

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALSA-2023:2326

ALSA-2023:2851

ALT-PU-2022-3127

ALT-PU-2022-3189

ALT-PU-2022-3199

ALT-PU-2022-3288

BDU:2022-06971

CESA-2023_2851

CVE-2022-39320

DLA-4070-1

GHSA-QFQ2-82QR-7F4J

MGASA-2022-0447

OESA-2022-2120

OPENSUSE-SU-2023_0399-1

OPENSUSE-SU-2024:12523-1

RHSA-2023:2326

RHSA-2023:2851

RHSA-2023_2326

RHSA-2023_2851

SUSE-SU-2023:0399-1

SUSE-SU-2023:0400-1

USN-5734-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Debian

Freerdp

Linuxmint

Red Hat

Red Os

Suse

Ubuntu

PT-2022-5608 · Freerdp+10 · Freerdp+10

CVE-2022-39320

Weakness Enumeration

Related Identifiers

Affected Products

References · 84