Fedora 39 : freerdp (2023-74108ca60d)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-74108ca60d advisory. Update to 2.11.1 ---- Update to 2.11.0 CVE-2023-39350, CVE-2023-39351, CVE-2023-39352, CVE-2023-39353, CVE-2023-39354, CVE-2023-39356, CVE-2023-4018...

Fedora 37 : freerdp (2023-5e6796cb83)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-5e6796cb83 advisory. Update to 2.11.1 ---- Update to 2.11.0 CVE-2023-39350, CVE-2023-39351, CVE-2023-39352, CVE-2023-39353, CVE-2023-39354, CVE-2023-39356, CVE-2023-4018...

UBUNTU-CVE-2023-40567

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the cleardecompressbandsdata function in which there is no offset validation. Abuse of this vulnerability may lead to an out of bounds...

CVE-2023-39353

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to a missing offset validation leading to Out Of Bound Read. In the libfreerdp/codec/rfx.c file there is no offset validation in tile-quantIdxY, tile-quantIdxCb, a...

DEBIAN-CVE-2023-39356

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. In affected versions a missing offset validation may lead to an Out Of Bound Read in the function gdimultiopaquerect. In particular there is no code to validate if the value...

CVE-2023-39353 Missing offset validation leading to Out Of Bound Read in FreeRDP

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to a missing offset validation leading to Out Of Bound Read. In the libfreerdp/codec/rfx.c file there is no offset validation in tile-quantIdxY, tile-quantIdxCb, a...

CVE-2023-39353 Missing offset validation leading to Out Of Bound Read in FreeRDP

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to a missing offset validation leading to Out Of Bound Read. In the libfreerdp/codec/rfx.c file there is no offset validation in tile-quantIdxY, tile-quantIdxCb, a...

CVE-2023-39353

CVE-2023-39353 affects FreeRDP. The root cause is a missing offset validation in libfreerdp/codec/rfx.c for tile->quantIdxY, tile->quantIdxCb, and tile->quantIdxCr, allowing crafted input to trigger an out-of-bounds read and likely crash. The issue is documented as fixed in versions 2.11...

Denial Of Service (DoS)

Linux kernel is vulnerable to Denial Of Service DoS. The vulnerability exists due to the missing offset validation in hif.c in the WILC1000 wireless driver which can trigger an out-of-bounds read when parsing a Robust Security Network RSN information element from a Netlink packet...