Skip to content

Out of bound read in update_recv

Low
bmiklautz published GHSA-wvrr-2f4r-hjvh May 29, 2020

Package

freerdp

Affected versions

<= 2.0.0

Patched versions

2.1.0

Description

Impact

  • All FreeRDP clients, all platforms, only when running with logger set to WLOG_TRACE
  • Read of invalid array index, data printed as string to local terminal
  • Possible crash of application

Workarounds

Do not set log-level to trace

References

Severity

Low

CVE ID

CVE-2020-11019

Weaknesses

No CWEs