Out of bound read/write in usb redirection channel
Moderate
bmiklautz
published
GHSA-mx9p-f6q8-mqwqMay 29, 2020
Package
freerdp
Affected versions
<= 2.0.0
Patched versions
2.1.0
Description
Impact
All FreeRDP based clients, all platforms
When using a manipulated server with USB redirection enabled (nearly) arbitrary memory can be read and written due to integer overflows in length checks.
Impact
When using a manipulated server with USB redirection enabled (nearly) arbitrary memory can be read and written due to integer overflows in length checks.
Workarounds
Deactivate USB redirection client side.
References