CVE-2020-11522

Name
CVE-2020-11522
Description
libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read.
NVD Severity
medium
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Patch https://github.com/FreeRDP/FreeRDP/commits/master
Patch https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-48wx-7vgj-fffh
Exploit https://pub.freerdp.com/cve/CVE-2020-11522/pocAnalysis_5.pdf
Third Party Advisory https://usn.ubuntu.com/4379-1/
Third Party Advisory https://usn.ubuntu.com/4382-1/
Third Party Advisory http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html
MLIST https://lists.debian.org/debian-lts-announce/2020/08/msg00054.html

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:* freerdp > 1.0.0 < 2.0.0
cpe:2.3:a:freerdp:freerdp:2.0.0:-:*:*:*:*:*:* freerdp == None == 2.0.0

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
freerdp2 edge-community 2.0.0-r0 None fixed
freerdp2 3.22-community 2.0.0-r0 None fixed
freerdp edge-community 2.0.0-r1 None fixed
freerdp edge-community 2.0.0-r0 None fixed
freerdp edge-community 2.0.0_rc4-r0 None possibly vulnerable
freerdp 3.22-community 2.0.0-r1 None fixed
freerdp 3.22-community 2.0.0-r0 None fixed
freerdp 3.22-community 2.0.0_rc4-r0 None possibly vulnerable
freerdp 3.21-community 2.0.0-r0 None fixed
freerdp 3.20-community 2.0.0-r0 None fixed
freerdp 3.19-community 2.0.0-r0 None fixed
freerdp 3.18-community 2.0.0-r0 None fixed
freerdp 3.17-community 2.0.0-r0 None fixed