Impact
Integer addition on too narrow types leads to allocation of a buffer too small holding the data written.
A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server
Patches
2.9.0
Workarounds
Do not use the /usb
redirection switch
Issue Reporter
Reported by 'Team BT5 (BoB 11th)'
For more information
If you have any questions or comments about this advisory:
Impact
Integer addition on too narrow types leads to allocation of a buffer too small holding the data written.
A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server
Patches
2.9.0
Workarounds
Do not use the
/usb
redirection switchIssue Reporter
Reported by 'Team BT5 (BoB 11th)'
For more information
If you have any questions or comments about this advisory: