CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
32.9%
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP),
released under the Apache license. Affected versions are subject to an
Out-Of-Bounds Read in the RleDecompress
function. This Out-Of-Bounds Read
occurs because FreeRDP processes the pbSrcBuffer
variable without
checking if it contains data of sufficient length. Insufficient data in the
pbSrcBuffer
variable may cause errors or crashes. This issue has been
addressed in version 3.0.0-beta3. Users are advised to upgrade. There are
no known workarounds for this issue.
github.com/FreeRDP/FreeRDP/blob/5be5553e0da72178a4b94cc1ffbdace9ceb153e5/libfreerdp/codec/include/bitmap.c#L94-L113
github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x3x5-r7jm-5pq2
launchpad.net/bugs/cve/CVE-2023-40576
nvd.nist.gov/vuln/detail/CVE-2023-40576
security-tracker.debian.org/tracker/CVE-2023-40576
www.cve.org/CVERecord?id=CVE-2023-40576