5.7 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
4.9 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:N/A:P
0.002 Low
EPSS
Percentile
52.6%
In affected versions there is an out of bound read in ZGFX decoder component of FreeRDP. A malicious server can trick a FreeRDP based client to read out of bound data and try to decode it likely resulting in a crash. (CVE-2022-39316) Affected versions of FreeRDP are missing a range check for input offset index in ZGFX decoder. A malicious server can trick a FreeRDP based client to read out of bound data and try to decode it. (CVE-2022-39317) Affected versions of FreeRDP are missing input validation in ‘urbdrc’ channel. A malicious server can trick a FreeRDP based client to crash with division by zero. (CVE-2022-39318) Affected versions of FreeRDP are missing input length validation in the ‘urbdrc’ channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. (CVE-2022-39319) Affected versions of FreeRDP may attempt integer addition on too narrow types leads to allocation of a buffer too small holding the data written. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. (CVE-2022-39320) Affected versions of FreeRDP are missing path canonicalization and base path check for drive
channel. A malicious server can trick a FreeRDP based client to read files outside the shared directory. (CVE-2022-39347)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 8 | noarch | freerdp | < 2.2.0-1.4 | freerdp-2.2.0-1.4.mga8 |
bugs.mageia.org/show_bug.cgi?id=31173
github.com/FreeRDP/FreeRDP/security/advisories/GHSA-387j-8j96-7q35
github.com/FreeRDP/FreeRDP/security/advisories/GHSA-5w4j-mrrh-jjrm
github.com/FreeRDP/FreeRDP/security/advisories/GHSA-99cm-4gw7-c8jh
github.com/FreeRDP/FreeRDP/security/advisories/GHSA-c5xq-8v35-pffg
github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mvxm-wfj2-5fvh
github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qfq2-82qr-7f4j
ubuntu.com/security/notices/USN-5734-1
5.7 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
4.9 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:N/A:P
0.002 Low
EPSS
Percentile
52.6%