Skip to content

Use-After-Free in gdi_SelectObject

Moderate
akallabeth published GHSA-gwcq-hpq2-m74g Jun 22, 2020

Package

FreeRDP

Affected versions

<= 2.1.1

Patched versions

2.1.2

Description

Impact

  • All FreeRDP based clients using compatibility mode with /relax-order-checks
  • Crash due to double free

Workarounds

Do not use /relax-order-checks

References

GHSL-2020-129

Severity

Moderate

CVE ID

CVE-2020-4031

Weaknesses

No CWEs