In FreeRDP before version 2.1.2, an out of bounds read occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2.
References
Link | Resource |
---|---|
https://github.com/FreeRDP/FreeRDP/commit/58a3122250d54de3a944c487776bcd4d1da4721e | Patch Third Party Advisory |
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-c8x2-c3c9-9r3f | Third Party Advisory |
http://www.freerdp.com/2020/06/22/2_1_2-released | Release Notes Vendor Advisory |
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html | Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y35HBHG2INICLSGCIKNAR7GCXEHQACQ/ | Mailing List Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOZLH35OJWIQLM7FYDXAP2EAUBDXE76V/ | Mailing List Third Party Advisory |
https://usn.ubuntu.com/4481-1/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Information
Published : 2020-06-22 15:15
Updated : 2022-07-19 04:46
NVD link : CVE-2020-11097
Mitre link : CVE-2020-11097
JSON object : View
CWE
CWE-125
Out-of-bounds Read
Products Affected
canonical
- ubuntu_linux
freerdp
- freerdp
fedoraproject
- fedora
opensuse
- leap