Ubuntu.comUB:CVE-2023-40576CVE-2023-40576
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
21.2%
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP),
released under the Apache license. Affected versions are subject to an
Out-Of-Bounds Read in the RleDecompress function. This Out-Of-Bounds Read
occurs because FreeRDP processes the pbSrcBuffer variable without
checking if it contains data of sufficient length. Insufficient data in the
pbSrcBuffer variable may cause errors or crashes. This issue has been
addressed in version 3.0.0-beta3. Users are advised to upgrade. There are
no known workarounds for this issue.
References
github.com/FreeRDP/FreeRDP/blob/5be5553e0da72178a4b94cc1ffbdace9ceb153e5/libfreerdp/codec/include/bitmap.c#L94-L113
github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x3x5-r7jm-5pq2
launchpad.net/bugs/cve/CVE-2023-40576
nvd.nist.gov/vuln/detail/CVE-2023-40576
security-tracker.debian.org/tracker/CVE-2023-40576
www.cve.org/CVERecord?id=CVE-2023-40576
Related
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
21.2%