Vulnerability CVE-2021-41160: Information
Description
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server might trigger out-of-bounds writes in a connected client. Connections using GDI or SurfaceCommands to send graphics updates to the client might send `0` width/height or out-of-bounds rectangles to trigger out-of-bounds writes. With `0` width or height the memory allocation will be `0`, but the missing bounds checks allow writing through the pointer to this (not allocated) region. This issue has been patched in FreeRDP 2.4.1.
Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
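The description above boils down to two missing checks: a rectangle with zero width or height must be rejected before any allocation, and a rectangle's origin plus extent must fit inside the destination surface before anything is written. The following is an added illustration of those checks, written for this page; it is not FreeRDP's code, and the `surface_t` type, `rect_is_valid` and `surface_blit` are hypothetical names. The comparisons are arranged so that a hostile `x`/`y` near `UINT32_MAX` cannot wrap `x + w` back inside the surface.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical client-side destination surface (not a FreeRDP type). */
typedef struct {
    uint32_t width;     /* pixels */
    uint32_t height;    /* pixels */
    uint32_t bpp;       /* bytes per pixel */
    uint8_t *data;      /* width * height * bpp bytes, owned by the caller */
} surface_t;

/* Validate a server-supplied update rectangle against the surface it targets.
 * Returns false for zero-sized rectangles (which would otherwise lead to a
 * 0-byte allocation that later gets written to) and for any rectangle that
 * starts or ends outside the surface. Every comparison is overflow-safe:
 * "w > surf_w - x" is only evaluated once x < surf_w is known. */
bool rect_is_valid(uint32_t x, uint32_t y, uint32_t w, uint32_t h,
                   uint32_t surf_w, uint32_t surf_h)
{
    if (w == 0 || h == 0)
        return false;                       /* degenerate size */
    if (x >= surf_w || y >= surf_h)
        return false;                       /* origin outside the surface */
    if (w > surf_w - x || h > surf_h - y)
        return false;                       /* extends past right/bottom edge */
    return true;
}

/* Copy a w*h block of pixels from src into the surface at (x, y).
 * Writes nothing and returns false if the rectangle is rejected or the
 * supplied payload is shorter than the rectangle claims. */
bool surface_blit(surface_t *s, uint32_t x, uint32_t y, uint32_t w, uint32_t h,
                  const uint8_t *src, size_t src_len)
{
    if (!rect_is_valid(x, y, w, h, s->width, s->height))
        return false;

    /* w <= width and h <= height here, so for 32-bit dimensions the product
     * fits in a 64-bit size_t. */
    size_t row_bytes = (size_t)w * s->bpp;
    if (src_len / h < row_bytes)
        return false;                       /* payload too short for w*h pixels */

    for (uint32_t r = 0; r < h; r++) {
        size_t dst_off = ((size_t)(y + r) * s->width + x) * s->bpp;
        memcpy(s->data + dst_off, src + (size_t)r * row_bytes, row_bytes);
    }
    return true;
}

/* Constructed demo: a 4x4, 1-byte-per-pixel surface receiving several
 * updates as a malicious server might send them. Returns the number of
 * updates that were rejected. */
int demo_rejected_updates(void)
{
    uint8_t buf[16];
    memset(buf, 0, sizeof(buf));
    surface_t s = { 4, 4, 1, buf };
    const uint8_t px[4] = { 1, 2, 3, 4 };
    int rejected = 0;

    if (!surface_blit(&s, 1, 1, 2, 2, px, sizeof(px))) rejected++;          /* valid */
    if (!surface_blit(&s, 0, 0, 0, 4, px, sizeof(px))) rejected++;          /* zero width */
    if (!surface_blit(&s, 3, 3, 2, 2, px, sizeof(px))) rejected++;          /* off the edge */
    if (!surface_blit(&s, UINT32_MAX, 0, 1, 1, px, sizeof(px))) rejected++; /* wrap attempt */
    if (!surface_blit(&s, 0, 0, 2, 2, px, 3)) rejected++;                   /* short payload */
    return rejected;
}

int main(void)
{
    return demo_rejected_updates() == 4 ? 0 : 1;
}
```

The blit deliberately checks the payload length as well as the geometry: a rectangle that fits the surface can still be paired with fewer bytes than `w * h * bpp`, and an unchecked `memcpy` would then read past the incoming buffer instead of writing past the destination.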
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
freerdp | sisyphus | 2.4.1-alt1 | 2.11.7-alt2 | ALT-PU-2021-3098-1 | 287769 | Fixed |
freerdp | p10 | 2.4.1-alt1 | 2.11.6-alt1 | ALT-PU-2021-3106-1 | 287814 | Fixed |
freerdp | p9 | 2.4.1-alt1 | 2.9.0-alt1 | ALT-PU-2021-3177-1 | 287815 | Fixed |
freerdp | c10f1 | 2.4.1-alt1 | 2.11.6-alt1 | ALT-PU-2021-3106-1 | 287814 | Fixed |
freerdp | c9f2 | 2.4.1-alt1 | 2.11.6-alt1 | ALT-PU-2021-3105-1 | 287816 | Fixed |