PT-2022-5613 · Freerdp+9 · Freerdp+9

Bmiklautz

Published

2022-11-14

Updated

2025-02-15

CVE-2022-41877

CVSS v2.0

9.4

High

Vector

AV:N/AC:L/Au:N/C:C/I:N/A:C

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 2.9.0

Description The issue is related to a lack of input length validation in the drive channel of the FreeRDP protocol implementation. This can be exploited by a malicious server to trick a FreeRDP-based client into reading out of bound data and sending it back to the server, potentially allowing unauthorized access to protected information or causing a denial of service. The vulnerability can be exploited by sending data back to the server using command line options /drive, +drives, or +home-drive.

Recommendations For versions prior to 2.9.0, upgrade to version 2.9.0 or later to address the issue. As a temporary workaround for users unable to upgrade, do not use the drive redirection channel - command line options /drive, +drives, or +home-drive.

Exploit

Fix

Buffer Overflow

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1284CWE-119CWE-125

Related Identifiers

ALSA-2023:2326

ALSA-2023:2851

ALT-PU-2022-3127

ALT-PU-2022-3189

ALT-PU-2022-3199

ALT-PU-2022-3288

BDU:2022-06976

CESA-2023_2851

CVE-2022-41877

DLA-3654-1

DLA-4053-1

GHSA-PMV3-WPW4-PW5H

MGASA-2022-0474

OESA-2022-2112

OPENSUSE-SU-2023_0399-1

RHSA-2023:2326

RHSA-2023:2851

RHSA-2023_2326

RHSA-2023_2851

SUSE-SU-2023:0399-1

SUSE-SU-2023:0400-1

USN-6522-1

USN-6522-2

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Freerdp

Linuxmint

Red Hat

Red Os

Suse

Ubuntu

PT-2022-5613 · Freerdp+9 · Freerdp+9

CVE-2022-41877

Weakness Enumeration

Related Identifiers

Affected Products

References · 82