CVE-2023-39352 — Out-of-bounds Write in Freerdp

CWE-787 — Out-of-bounds Write9 documents6 sources

Severity

9.8CRITICALNVD

CNA5.3

EPSS

0.2%

top 58.97%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Freerdp Debian Linux Fedoraproject Fedora

Timeline

PublishedAug 31

Latest updateDec 7

Description

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an invalid offset validation leading to Out Of Bound Write. This can be triggered when the values `rect->left` and `rect->top` are exactly equal to `surface->width` and `surface->height`. eg. `rect->left` == `surface->width` && `rect->top` == `surface->height`. In practice this should cause a crash. This issue has been addressed in versions 2.11.0 and 3.0.0-b…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5freerdp/freerdp< 2.11.0+1

▶NVDfreerdp/freerdp< 2.11.0+1

Also affects: Debian Linux 10.0, Fedora 37, 38, 39

🔴Vulnerability Details

OSV

freerdp2 vulnerabilities↗2023-12-07

▶

OSV

freerdp2 vulnerabilities↗2023-11-29

▶

OSV

CVE-2023-39352: FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license↗2023-08-31

▶

CVEList

Invalid offset validation leading to Out Of Bound Write in FreeRDP↗2023-08-31

▶

📋Vendor Advisories

Ubuntu

FreeRDP vulnerabilities↗2023-12-07

▶

Ubuntu

FreeRDP vulnerabilities↗2023-11-29

▶

Red Hat

freerdp: invalid offset validation leading to Out Of Bound Write↗2023-08-31

▶

Debian

CVE-2023-39352: freerdp2 - FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released ...↗2023

▶