CVE-2018-8794Integer Overflow to Buffer Overflow in Rdesktop

CWE-680Integer Overflow to Buffer OverflowCWE-190Integer Overflow or WraparoundCWE-787Out-of-bounds WriteCWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer8 documents6 sources
Severity
9.8CRITICALNVD
EPSS
6.0%
top 9.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
RdesktopDebian RdesktopCheck Point Software Technologies LTD Rdesktop+2 more
Timeline
PublishedFeb 5
Latest updateMay 13

Description

rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to an Out-Of-Bounds Write in function process_bitmap_updates() and results in a memory corruption and possibly even a remote code execution.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages5 packages

debiandebian/rdesktop< rdesktop 1.8.4-1 (bookworm)
Debianrdesktop/rdesktop< 1.8.4-1+3
CVEListV5check_point_software_technologies_ltd/rdesktopAll versions up to and including v1.8.3
NVDopensuse/leap15.1

Also affects: Debian Linux 8.0, 9.0

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

2
GHSA
GHSA-8v6p-g8m9-hj76: rdesktop versions up to and including v12022-05-13
OSV
CVE-2018-8794: rdesktop versions up to and including v12019-02-05

📋Vendor Advisories

2
Red Hat
rdesktop: Memory corruption in process_bitmap_data2019-01-04
Debian
CVE-2018-8794: rdesktop - rdesktop versions up to and including v1.8.3 contain an Integer Overflow that le...2018

💬Community

3
Bugzilla
CVE-2020-8794 opensmtpd: An out-of-bounds read could lead to remote code execution2020-02-25
Bugzilla
CVE-2018-8794 rdesktop: Memory corruption in process_bitmap_data2019-01-29
Bugzilla
CVE-2018-20174 CVE-2018-20175 CVE-2018-20176 CVE-2018-20177 CVE-2018-20178 CVE-2018-20179 CVE-2018-20180 CVE-2018-20181 CVE-2018-20182 CVE-2018-8791 CVE-2018-8792 CVE-2018-8793 CVE-2018-8794 CVE-2018-2019-01-29