ID CVE-2020-11524
Summary libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write.
References
Vulnerable Configurations
  • cpe:2.3:a:freerdp:freerdp:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:1.0.2:-:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:1.0.2:-:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:1.0.2:rc1:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:1.0.2:rc1:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:1.0.2:rc2:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:1.0.2:rc2:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:1.1.0:-:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:1.1.0:-:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:1.1.0:beta1:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:1.1.0:beta1:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:1.1.0:beta2:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:1.1.0:beta2:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:1.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:1.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:2.0.0:-:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:2.0.0:-:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:2.0.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:2.0.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:2.0.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:2.0.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:2.0.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:2.0.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:2.0.0:rc3:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:2.0.0:rc3:*:*:*:*:*:*
  • cpe:2.3:a:freerdp:freerdp:2.0.0:rc4:*:*:*:*:*:*
    cpe:2.3:a:freerdp:freerdp:2.0.0:rc4:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
CVSS
Base: 6.0 (as of 27-07-2020 - 00:15)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM SINGLE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:S/C:P/I:P/A:P
redhat via4
advisories
  • bugzilla
    id 1836234
    title CVE-2020-11523 freerdp: Integer overflow in region.c
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 7 is installed
        oval oval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • comment freerdp is earlier than 0:2.0.0-4.rc4.el7_8
            oval oval:com.redhat.rhsa:tst:20202334001
          • comment freerdp is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190697002
        • AND
          • comment freerdp-devel is earlier than 0:2.0.0-4.rc4.el7_8
            oval oval:com.redhat.rhsa:tst:20202334003
          • comment freerdp-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190697004
        • AND
          • comment freerdp-libs is earlier than 0:2.0.0-4.rc4.el7_8
            oval oval:com.redhat.rhsa:tst:20202334005
          • comment freerdp-libs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190697006
        • AND
          • comment libwinpr is earlier than 0:2.0.0-4.rc4.el7_8
            oval oval:com.redhat.rhsa:tst:20202334007
          • comment libwinpr is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20192157008
        • AND
          • comment libwinpr-devel is earlier than 0:2.0.0-4.rc4.el7_8
            oval oval:com.redhat.rhsa:tst:20202334009
          • comment libwinpr-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20192157010
    rhsa
    id RHSA-2020:2334
    released 2020-05-28
    severity Important
    title RHSA-2020:2334: freerdp security update (Important)
  • bugzilla
    id 1836234
    title CVE-2020-11523 freerdp: Integer overflow in region.c
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 8 is installed
        oval oval:com.redhat.rhba:tst:20193384074
      • OR
        • AND
          • comment freerdp is earlier than 2:2.0.0-46.rc4.el8_2.1
            oval oval:com.redhat.rhsa:tst:20202336001
          • comment freerdp is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190697002
        • AND
          • comment freerdp-debugsource is earlier than 2:2.0.0-46.rc4.el8_2.1
            oval oval:com.redhat.rhsa:tst:20202336003
          • comment freerdp-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20202336004
        • AND
          • comment freerdp-devel is earlier than 2:2.0.0-46.rc4.el8_2.1
            oval oval:com.redhat.rhsa:tst:20202336005
          • comment freerdp-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190697004
        • AND
          • comment freerdp-libs is earlier than 2:2.0.0-46.rc4.el8_2.1
            oval oval:com.redhat.rhsa:tst:20202336007
          • comment freerdp-libs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190697006
        • AND
          • comment libwinpr is earlier than 2:2.0.0-46.rc4.el8_2.1
            oval oval:com.redhat.rhsa:tst:20202336009
          • comment libwinpr is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20192157008
        • AND
          • comment libwinpr-devel is earlier than 2:2.0.0-46.rc4.el8_2.1
            oval oval:com.redhat.rhsa:tst:20202336011
          • comment libwinpr-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20192157010
    rhsa
    id RHSA-2020:2336
    released 2020-05-28
    severity Important
    title RHSA-2020:2336: freerdp security update (Important)
rpms
  • freerdp-0:2.0.0-4.rc4.el7_8
  • freerdp-debuginfo-0:2.0.0-4.rc4.el7_8
  • freerdp-devel-0:2.0.0-4.rc4.el7_8
  • freerdp-libs-0:2.0.0-4.rc4.el7_8
  • libwinpr-0:2.0.0-4.rc4.el7_8
  • libwinpr-devel-0:2.0.0-4.rc4.el7_8
  • freerdp-2:2.0.0-46.rc4.el8_0.1
  • freerdp-debuginfo-2:2.0.0-46.rc4.el8_0.1
  • freerdp-debugsource-2:2.0.0-46.rc4.el8_0.1
  • freerdp-libs-2:2.0.0-46.rc4.el8_0.1
  • freerdp-libs-debuginfo-2:2.0.0-46.rc4.el8_0.1
  • libwinpr-2:2.0.0-46.rc4.el8_0.1
  • libwinpr-debuginfo-2:2.0.0-46.rc4.el8_0.1
  • libwinpr-devel-2:2.0.0-46.rc4.el8_0.1
  • freerdp-2:2.0.0-46.rc4.el8_2.1
  • freerdp-debuginfo-2:2.0.0-46.rc4.el8_2.1
  • freerdp-debugsource-2:2.0.0-46.rc4.el8_2.1
  • freerdp-devel-2:2.0.0-46.rc4.el8_2.1
  • freerdp-libs-2:2.0.0-46.rc4.el8_2.1
  • freerdp-libs-debuginfo-2:2.0.0-46.rc4.el8_2.1
  • libwinpr-2:2.0.0-46.rc4.el8_2.1
  • libwinpr-debuginfo-2:2.0.0-46.rc4.el8_2.1
  • libwinpr-devel-2:2.0.0-46.rc4.el8_2.1
  • freerdp-2:2.0.0-46.rc4.el8_1.1
  • freerdp-debuginfo-2:2.0.0-46.rc4.el8_1.1
  • freerdp-debugsource-2:2.0.0-46.rc4.el8_1.1
  • freerdp-devel-2:2.0.0-46.rc4.el8_1.1
  • freerdp-libs-2:2.0.0-46.rc4.el8_1.1
  • freerdp-libs-debuginfo-2:2.0.0-46.rc4.el8_1.1
  • libwinpr-2:2.0.0-46.rc4.el8_1.1
  • libwinpr-debuginfo-2:2.0.0-46.rc4.el8_1.1
  • libwinpr-devel-2:2.0.0-46.rc4.el8_1.1
refmap via4
confirm
misc https://github.com/FreeRDP/FreeRDP/commits/master
suse openSUSE-SU-2020:1090
ubuntu USN-4379-1
Last major update 27-07-2020 - 00:15
Published 15-05-2020 - 17:15
Last modified 27-07-2020 - 00:15
Back to Top