I Found Memory Leak Vulnerability #4866
Comments
@tonix0114 mail sent
I will send you vulnerability information tomorrow.
On Wed, Sep 19, 2018 at 7:12 PM, akallabeth <notifications@github.com> wrote:
> @tonix0114 <https://github.com/tonix0114> mail sent
tomorrow
On Wed, Sep 19, 2018 at 8:40 PM, 심기용 <tonix0114@gmail.com> wrote:
> I will send you vulnerability information tomorrow.
> On Wed, Sep 19, 2018 at 7:12 PM, akallabeth ***@***.*** wrote:
> > @tonix0114 <https://github.com/tonix0114> mail sent
Vulnerability Code : channels/drdynvc/client/drdynvc_main.c#858
Send To Server Code : channels/drdynvc/client/drdynvc_main.c#839
As a result, there is a two-byte outbound reading vulnerability that causes a client memory leak. Other code like this prevents this vulnerability. channels/cliprdr/client/cliprdr_main.c#227
Vulnerability Limits
When running xfreerdp on the client, you must enable the virtual channel through the /echo option.
@tonix0114 Thank you for this. Hope the referenced fix eliminates this entirely for this channel.
Fix for #4866: Added additional length checks
Fixed with #4871
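The class of bug discussed in this thread, as an added example that is not part of the issue and is not FreeRDP's code: a parser reads a two-byte field from a received PDU without checking that two bytes remain, so bytes beyond the PDU can end up in a value that is later sent back to the peer. `stream_t`, `read_u16_unchecked`, `read_u16_checked` and the sample buffer are hypothetical names and constructed data.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical minimal stream type; an assumption, not FreeRDP's wStream. */
typedef struct {
    const uint8_t *data; /* start of the received PDU */
    size_t length;       /* bytes actually received for this PDU */
    size_t pos;          /* read cursor, invariant: pos <= length */
} stream_t;

/* Flawed pattern: assumes two bytes are present and never checks length. */
uint16_t read_u16_unchecked(stream_t *s) {
    uint16_t v = (uint16_t)(s->data[s->pos] | (s->data[s->pos + 1] << 8));
    s->pos += 2;
    return v;
}

/* Hardened pattern: returns 0 on success, -1 if fewer than 2 bytes remain. */
int read_u16_checked(stream_t *s, uint16_t *out) {
    if (s->length - s->pos < 2)
        return -1; /* truncated PDU: reject instead of reading past it */
    *out = (uint16_t)(s->data[s->pos] | (s->data[s->pos + 1] << 8));
    s->pos += 2;
    return 0;
}

/* Constructed sample: a 1-byte PDU at the start of a larger receive buffer.
 * Bytes 1..2 (marker 0xBEEF) stand in for unrelated client memory. The
 * buffer is 4 bytes so the unchecked read stays defined behaviour here. */
static const uint8_t recv_buf[4] = { 0x01, 0xEF, 0xBE, 0x00 };

uint16_t demo_unchecked(void) {
    stream_t s = { recv_buf, 1, 1 }; /* 1-byte PDU, header already consumed */
    return read_u16_unchecked(&s);   /* yields the bytes after the PDU */
}

int demo_checked(void) {
    stream_t s = { recv_buf, 1, 1 };
    uint16_t v = 0;
    return read_u16_checked(&s, &v);
}

int main(void) {
    printf("unchecked read: 0x%04X\n", demo_unchecked());
    printf("checked read:   %d\n", demo_checked());
    return 0;
}
```
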
freerdp 2.0.0-rc3 has a memory leak vulnerability that can read the client's memory.
This vulnerability occurs in channels/drdynvc/client/drdynvc_main.c.
Please email me if you need more details.
tonix0114@gmail.com