Skip to content

Stream out of bounds seek in update_read_synchronize could lead out of bounds read later

Low
bmiklautz published GHSA-hx48-wmmm-mr5q May 6, 2020

Package

freerdp

Affected versions

> 1.0

Patched versions

2.0.0

Description

Impact

  • All FreeRDP clients and servers, all platforms

Out of bound read. Allows to terminate existing sessions at an invalid input offset, no data can be extracted.

Patches

Fixed with commit ed53cd1

Workarounds

None

References

#6006

Severity

Low

CVE ID

CVE-2020-11046

Weaknesses

No CWEs