In FreeRDP greater than 1.2 and before 2.0.0, a double free in update_read_cache_bitmap_v3_order crashes the client application if corrupted data from a manipulated server is parsed. This has been patched in 2.0.0.
References
Link | Resource |
---|---|
https://github.com/FreeRDP/FreeRDP/commit/67c2aa52b2ae0341d469071d1bc8aab91f8d2ed8 | Patch Third Party Advisory |
https://github.com/FreeRDP/FreeRDP/issues/6013 | Exploit Third Party Advisory |
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-cgqh-p732-6x2w | Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html | Mailing List Third Party Advisory |
https://usn.ubuntu.com/4379-1/ | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitHub_M
Published: 2020-05-07T00:00:00
Updated: 2023-10-07T20:07:36.836022
Reserved: 2020-03-30T00:00:00
Link: CVE-2020-11044
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-05-07T19:15:11.720
Modified: 2023-10-24T14:06:05.697
Link: CVE-2020-11044
JSON object: View
Redhat Information
No data.