
CVE-2023-39356

2023-08-3100:00:00
Source: ubuntu.com

Tags: freerdp, out of bound read, vulnerability, gdi_multi_opaque_rect, function, remote desktop protocol, apache license, upgrade, debian, bugs, unix

CVSS3: 9.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H)
  Attack Vector: NETWORK
  Attack Complexity: LOW
  Privileges Required: NONE
  User Interaction: NONE
  Scope: UNCHANGED
  Confidentiality Impact: HIGH
  Integrity Impact: NONE
  Availability Impact: HIGH

AI Score: 9.2 (Confidence: High)

EPSS: 0.002 (Percentile: 62.2%)

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP),
released under the Apache license. In affected versions a missing offset
validation may lead to an Out Of Bound Read in the function
gdi_multi_opaque_rect. In particular there is no code to validate if the
value multi_opaque_rect->numRectangles is less than 45. Looping through
multi_opaque_rect->numRectangles without proper boundary checks can lead
to Out-of-Bounds Read errors which will likely lead to a crash. This issue
has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to
upgrade. There are no known workarounds for this vulnerability.

Bugs

OS     | Version | Architecture | Package  | Version                                  | Filename
-------|---------|--------------|----------|------------------------------------------|---------
ubuntu | 18.04   | noarch       | freerdp2 | < 2.2.0+dfsg1-0ubuntu0.18.04.4+esm2      | UNKNOWN
ubuntu | 20.04   | noarch       | freerdp2 | < 2.2.0+dfsg1-0ubuntu0.20.04.6           | UNKNOWN
ubuntu | 22.04   | noarch       | freerdp2 | < 2.6.1+dfsg1-3ubuntu2.5                 | UNKNOWN
ubuntu | 23.04   | noarch       | freerdp2 | < 2.10.0+dfsg1-1ubuntu0.3                | UNKNOWN
ubuntu | 23.10   | noarch       | freerdp2 | < 2.10.0+dfsg1-1.1ubuntu1.1              | UNKNOWN
