CVSS 3.1: 9.8 Critical
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
EPSS: 0.001 (Low), percentile 48.9%
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP),
released under the Apache license. Affected versions contain an
out-of-bounds write in the ClearCodec decoder, in the function
clear_decompress_bands_data (libfreerdp/codec/clear.c): the band offsets
read from the incoming stream are used to address the destination bitmap
without being validated against its bounds, so a malformed stream can make
the decoder write past the end of the buffer. Because the defect is in the
decode path, the exposed side is the peer that receives ClearCodec-encoded
bitmap data, in practice a FreeRDP-based client connected to a malicious or
compromised server. The issue is fixed in versions 2.11.0 and 3.0.0-beta3;
users are advised to upgrade. There are no known workarounds.
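The defect class is easier to see in code than in the one-line description, so the following is an added illustration written for this page; it is not FreeRDP's code and not the upstream fix. It models a band decoder whose rectangle offsets come straight off the wire, shows the validation that was missing (the band must be well-ordered and lie entirely inside the destination), and computes arithmetically how many writes an unvalidated band would land outside the pixel buffer, so the demonstration itself never touches out-of-bounds memory. The structure names, field layout, and the two sample streams are constructed assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical, cut-down model of a ClearCodec-style band: a rectangle in the
 * destination bitmap whose corners arrive as four little-endian UINT16 fields.
 * Names and layout are illustrative, not FreeRDP's. */
typedef struct {
    uint16_t xStart, xEnd, yStart, yEnd;   /* inclusive coordinates */
} band_t;

typedef struct {
    uint32_t *pixels;        /* width * height entries, 32 bpp */
    uint32_t width, height;
} surface_t;

static uint16_t rd_u16le(const uint8_t *p)
{
    return (uint16_t)(p[0] | (p[1] << 8));
}

/* Parse one band header from the peer's stream; false if it is too short. */
static bool parse_band(const uint8_t *buf, size_t len, band_t *out)
{
    if (len < 8)
        return false;
    out->xStart = rd_u16le(buf + 0);
    out->xEnd   = rd_u16le(buf + 2);
    out->yStart = rd_u16le(buf + 4);
    out->yEnd   = rd_u16le(buf + 6);
    return true;
}

/* The missing check: the band must be well-ordered and fit inside dst.
 * Coordinates are widened to uint32_t before comparing so nothing wraps. */
static bool band_fits(const surface_t *dst, const band_t *b)
{
    if (b->xStart > b->xEnd || b->yStart > b->yEnd)
        return false;
    if ((uint32_t)b->xEnd >= dst->width || (uint32_t)b->yEnd >= dst->height)
        return false;
    return true;
}

/* Vulnerable shape: indexes pixels directly from the stream-supplied band.
 * Here it is only reached after band_fits() succeeds; without that guard a
 * band with xEnd >= width or yEnd >= height writes past the pixel buffer. */
static void fill_band_unchecked(surface_t *dst, const band_t *b, uint32_t color)
{
    for (uint32_t y = b->yStart; y <= b->yEnd; y++)
        for (uint32_t x = b->xStart; x <= b->xEnd; x++)
            dst->pixels[y * dst->width + x] = color;
}

/* Hardened decoder: parse, validate, then write. */
static bool decode_band(surface_t *dst, const uint8_t *buf, size_t len, uint32_t color)
{
    band_t b;
    if (!parse_band(buf, len, &b) || !band_fits(dst, &b))
        return false;
    fill_band_unchecked(dst, &b, color);
    return true;
}

/* Number of pixel writes an unvalidated band would place outside dst,
 * computed as (band area) - (area of the band's overlap with dst). */
static uint64_t oob_writes(const surface_t *dst, const band_t *b)
{
    if (b->xStart > b->xEnd || b->yStart > b->yEnd)
        return 0;                                   /* the loops would not run */
    uint64_t w = (uint64_t)b->xEnd - b->xStart + 1;
    uint64_t h = (uint64_t)b->yEnd - b->yStart + 1;
    uint64_t inw = 0, inh = 0;
    if (b->xStart < dst->width)
        inw = (uint64_t)(b->xEnd < dst->width ? b->xEnd : dst->width - 1) - b->xStart + 1;
    if (b->yStart < dst->height)
        inh = (uint64_t)(b->yEnd < dst->height ? b->yEnd : dst->height - 1) - b->yStart + 1;
    return w * h - inw * inh;
}

/* Constructed sample streams (not captured traffic): a benign 4x2 band at
 * (10,5), and a hostile one claiming xEnd = 0xFFFF for a 64x64 surface. */
static const uint8_t benign_band[8]  = { 0x0A,0x00, 0x0D,0x00, 0x05,0x00, 0x06,0x00 };
static const uint8_t hostile_band[8] = { 0x00,0x00, 0xFF,0xFF, 0x00,0x00, 0x00,0x00 };

int main(void)
{
    static uint32_t px[64 * 64];
    surface_t dst = { px, 64, 64 };
    band_t b;

    parse_band(hostile_band, sizeof hostile_band, &b);
    printf("hostile band accepted: %d, writes it would land out of bounds: %llu\n",
           (int)band_fits(&dst, &b), (unsigned long long)oob_writes(&dst, &b));
    printf("benign band decoded: %d\n",
           (int)decode_band(&dst, benign_band, sizeof benign_band, 0xFFFFFFFFu));
    return 0;
}
```

band_fits is the shape of check to look for when reviewing codec code: reject before indexing, compare in a width where the arithmetic cannot wrap, and treat every coordinate supplied by the peer as hostile. The reversed-rectangle case (xStart greater than xEnd) matters too, because a decoder that computes a band width by subtraction turns it into a huge unsigned length.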
Affected Ubuntu packages (the package version column gives the fixed version; any installed version below it is vulnerable, per USN-6401-1):

OS | OS version | Architecture | Package | Vulnerable package version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | freerdp2 | < 2.2.0+dfsg1-0ubuntu0.18.04.4+esm1 | UNKNOWN |
ubuntu | 20.04 | noarch | freerdp2 | < 2.2.0+dfsg1-0ubuntu0.20.04.5 | UNKNOWN |
ubuntu | 22.04 | noarch | freerdp2 | < 2.6.1+dfsg1-3ubuntu2.4 | UNKNOWN |
ubuntu | 23.04 | noarch | freerdp2 | < 2.10.0+dfsg1-1ubuntu0.2 | UNKNOWN |
ubuntu | 23.10 | noarch | freerdp2 | < 2.10.0+dfsg1-1.1ubuntu1 | UNKNOWN |
References:
libfreerdp/codec/clear.c at commit 5be5553e, lines 612-618: github.com/FreeRDP/FreeRDP/blob/5be5553e0da72178a4b94cc1ffbdace9ceb153e5/libfreerdp/codec/clear.c#L612-L618
libfreerdp/codec/clear.c at commit 5be5553e, lines 843-845: github.com/FreeRDP/FreeRDP/blob/5be5553e0da72178a4b94cc1ffbdace9ceb153e5/libfreerdp/codec/clear.c#L843-L845
GitHub security advisory GHSA-2w9f-8wg4-8jfp: github.com/FreeRDP/FreeRDP/security/advisories/GHSA-2w9f-8wg4-8jfp
Launchpad CVE tracker: launchpad.net/bugs/cve/CVE-2023-40567
NVD: nvd.nist.gov/vuln/detail/CVE-2023-40567
Debian security tracker: security-tracker.debian.org/tracker/CVE-2023-40567
Ubuntu Security Notice USN-6401-1: ubuntu.com/security/notices/USN-6401-1
CVE record: www.cve.org/CVERecord?id=CVE-2023-40567