CVE-2021-41159Out-of-bounds Write in Freerdp

CWE-787Out-of-bounds Write6 documents5 sources
Severity
8.8HIGHNVD
EPSS
0.5%
top 35.74%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
FreerdpDebian Freerdp2Fedoraproject Fedora
Timeline
PublishedOct 21
Latest updateNov 23

Description

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. All FreeRDP clients prior to version 2.4.1 using gateway connections (`/gt:rpc`) fail to validate input data. A malicious gateway might allow client memory to be written out of bounds. This issue has been resolved in version 2.4.1. If you are unable to update then use `/gt:http` rather than /gt:rdp connections if possible or use a direct connection without a gateway.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

NVDfreerdp/freerdp< 2.4.1
debiandebian/freerdp2< freerdp2 2.4.1+dfsg1-1 (bookworm)

Also affects: Fedora 35

🔴Vulnerability Details

2
OSV
freerdp2 vulnerabilities2021-11-23
OSV
CVE-2021-41159: FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license2021-10-21

📋Vendor Advisories

3
Ubuntu
FreeRDP vulnerabilities2021-11-23
Red Hat
freerdp: improper client input validation for gateway connections allows to overwrite memory2021-10-21
Debian
CVE-2021-41159: freerdp2 - FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released ...2021
CVE-2021-41159 — Out-of-bounds Write in Freerdp | cvebase