CVE-2018-20175 — Out-of-bounds Read in Rdesktop

CWE-125 — Out-of-bounds Read CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer7 documents6 sources

Severity

7.5HIGHNVD

EPSS

0.6%

top 31.24%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Rdesktop Debian Rdesktop Debian Linux

Timeline

PublishedMar 15

Latest updateMay 13

Description

rdesktop versions up to and including v1.8.3 contains several Integer Signedness errors that lead to Out-Of-Bounds Reads in the file mcs.c and result in a Denial of Service (segfault).

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

▶debiandebian/rdesktop< rdesktop 1.8.4-1 (bookworm)

▶Debianrdesktop/rdesktop< 1.8.4-1+3

▶NVDrdesktop/rdesktop1.8.3

Also affects: Debian Linux 8.0, 9.0

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-3v5c-fqm6-hqf5: rdesktop versions up to and including v1↗2022-05-13

▶

OSV

CVE-2018-20175: rdesktop versions up to and including v1↗2019-03-15

▶

📋Vendor Advisories

Red Hat

rdesktop: Denial of Service in mcs_recv_connect_response and mcs_parse_domain_params↗2019-01-04

▶

Debian

CVE-2018-20175: rdesktop - rdesktop versions up to and including v1.8.3 contains several Integer Signedness...↗2018

▶

💬Community

Bugzilla

CVE-2018-20174 CVE-2018-20175 CVE-2018-20176 CVE-2018-20177 CVE-2018-20178 CVE-2018-20179 CVE-2018-20180 CVE-2018-20181 CVE-2018-20182 CVE-2018-8791 CVE-2018-8792 CVE-2018-8793 CVE-2018-8794 CVE-2018-↗2019-01-29

▶

Bugzilla

CVE-2018-20175 rdesktop: Denial of Service in mcs_recv_connect_response and mcs_parse_domain_params↗2019-01-29

▶