ID CVE-2020-11041
Summary In FreeRDP less than or equal to 2.0.0, an outside controlled array index is used unchecked for data used as configuration for sound backend (alsa, oss, pulse, ...). The most likely outcome is a crash of the client instance followed by no or distorted sound or a session disconnect. If a user cannot upgrade to the patched version, a workaround is to disable sound for the session. This has been patched in 2.1.0.
References
Vulnerable Configurations
  • cpe:2.3:a:freerdp:freerdp:-:*:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:-:*:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:1.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:1.0.0:-:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:1.0.0:-:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:1.0.0:beta1:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:1.0.0:beta1:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:1.0.0:beta2:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:1.0.0:beta2:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:1.0.0:beta3:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:1.0.0:beta3:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:1.0.0:beta4:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:1.0.0:beta4:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:1.0.0:beta5:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:1.0.0:beta5:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:1.0.2:-:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:1.0.2:-:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:1.0.2:rc1:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:1.0.2:rc1:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:1.0.2:rc2:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:1.0.2:rc2:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:1.1.0:-:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:1.1.0:-:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:1.1.0:beta1:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:1.1.0:beta1:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:1.1.0:beta2:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:1.1.0:beta2:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:1.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:1.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:2.0.0:-:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:2.0.0:-:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:2.0.0:beta1:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:2.0.0:beta1:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:2.0.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:2.0.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:2.0.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:2.0.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:2.0.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:2.0.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:2.0.0:rc3:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:2.0.0:rc3:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:2.0.0:rc4:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:2.0.0:rc4:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
CVSS
Base: 4.0 (as of 24-10-2023 - 15:30)
Impact:
Exploitability:
CWE CWE-129
CAPEC
  • Overflow Buffers
    Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an adversary. As a consequence, an adversary is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the adversaries' choice.
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:S/C:N/I:N/A:P
redhat via4
rpms
  • freerdp-0:2.1.1-2.el7
  • freerdp-debuginfo-0:2.1.1-2.el7
  • freerdp-devel-0:2.1.1-2.el7
  • freerdp-libs-0:2.1.1-2.el7
  • libwinpr-0:2.1.1-2.el7
  • libwinpr-devel-0:2.1.1-2.el7
  • freerdp-2:2.1.1-1.el8
  • freerdp-debuginfo-2:2.1.1-1.el8
  • freerdp-debugsource-2:2.1.1-1.el8
  • freerdp-devel-2:2.1.1-1.el8
  • freerdp-libs-2:2.1.1-1.el8
  • freerdp-libs-debuginfo-2:2.1.1-1.el8
  • libwinpr-2:2.1.1-1.el8
  • libwinpr-debuginfo-2:2.1.1-1.el8
  • libwinpr-devel-2:2.1.1-1.el8
  • vinagre-0:3.22.0-23.el8
  • vinagre-debuginfo-0:3.22.0-23.el8
  • vinagre-debugsource-0:3.22.0-23.el8
refmap via4
confirm https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-w67c-26c4-2h9w
suse openSUSE-SU-2020:1090
Last major update 24-10-2023 - 15:30
Published 29-05-2020 - 19:15
Last modified 24-10-2023 - 15:30
Back to Top