PRIOn knowledge basePRION:CVE-2023-40567

HistoryAug 31, 2023 - 10:15 p.m.

Out-of-bounds

2023-08-3122:15:00

PRIOn knowledge base

www.prio-n.com

freerdp

out-of-bounds write

vulnerability

remote desktop protocol

apache license

clear_decompress_bands_data

offset validation

upgrade

9.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

48.9%

JSON

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the clear_decompress_bands_data function in which there is no offset validation. Abuse of this vulnerability may lead to an out of bounds write. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. there are no known workarounds for this vulnerability.

CPENameOperatorVersion
debian_linuxeq10.0
fedoraeq37
fedoraeq38
fedoraeq39
freerdpeq3.0.0 beta1
freerdpeq3.0.0 beta2
freerdplt2.11.0

Name	Operator	Version
debian_linux	eq	10.0
fedora	eq	37
fedora	eq	38
fedora	eq	39
freerdp	eq	3.0.0 beta1
freerdp	eq	3.0.0 beta2
freerdp	lt	2.11.0

References

github.com/FreeRDP/FreeRDP/blob/5be5553e0da72178a4b94cc1ffbdace9ceb153e5/libfreerdp/codec/clear.c

github.com/FreeRDP/FreeRDP/security/advisories/GHSA-2w9f-8wg4-8jfp

lists.debian.org/debian-lts-announce/2023/10/msg00008.html

lists.fedoraproject.org/archives/list/[email protected]/message/A6LLDAPEXRDJOM3PREDDD267SSNT77DP/

lists.fedoraproject.org/archives/list/[email protected]/message/IHMTGKCZXJPQOR5ZD2I4GPDNP2DKRXMF/

lists.fedoraproject.org/archives/list/[email protected]/message/OH2ATH2BKDNKCJAU4WPPXK4SHLE3UJUV/

security.gentoo.org/glsa/202401-16