Security
Headlines
HeadlinesLatestCVEs

Headline

Ubuntu Security Notice USN-6522-1

Ubuntu Security Notice 6522-1 - It was discovered that FreeRDP incorrectly handled drive redirection. If a user were tricked into connection to a malicious server, a remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly obtain sensitive information. It was discovered that FreeRDP incorrectly handled certain surface updates. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code.

Packet Storm
#vulnerability#windows#ubuntu#dos
==========================================================================Ubuntu Security Notice USN-6522-1November 29, 2023freerdp2 vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 23.10- Ubuntu 23.04- Ubuntu 22.04 LTS- Ubuntu 20.04 LTSSummary:Several security issues were fixed in FreeRDP.Software Description:- freerdp2: RDP client for Windows Terminal ServicesDetails:It was discovered that FreeRDP incorrectly handled drive redirection. If auser were tricked into connection to a malicious server, a remote attackercould use this issue to cause FreeRDP to crash, resulting in a denial ofservice, or possibly obtain sensitive information. (CVE-2022-41877)It was discovered that FreeRDP incorrectly handled certain surface updates.A remote attacker could use this issue to cause FreeRDP to crash, resultingin a denial of service, or possibly execute arbitrary code.(CVE-2023-39352, CVE-2023-39356)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 23.10:   libfreerdp2-2                   2.10.0+dfsg1-1.1ubuntu1.1Ubuntu 23.04:   libfreerdp2-2                   2.10.0+dfsg1-1ubuntu0.3Ubuntu 22.04 LTS:   libfreerdp2-2                   2.6.1+dfsg1-3ubuntu2.5Ubuntu 20.04 LTS:   libfreerdp2-2                   2.2.0+dfsg1-0ubuntu0.20.04.6In general, a standard system update will make all the necessary changes.References:   https://ubuntu.com/security/notices/USN-6522-1   CVE-2022-41877, CVE-2023-39352, CVE-2023-39356Package Information:   https://launchpad.net/ubuntu/+source/freerdp2/2.10.0+dfsg1-1.1ubuntu1.1   https://launchpad.net/ubuntu/+source/freerdp2/2.10.0+dfsg1-1ubuntu0.3   https://launchpad.net/ubuntu/+source/freerdp2/2.6.1+dfsg1-3ubuntu2.5   https://launchpad.net/ubuntu/+source/freerdp2/2.2.0+dfsg1-0ubuntu0.20.04.6

Related news

Gentoo Linux Security Advisory 202401-16

Gentoo Linux Security Advisory 202401-16 - Multiple vulnerabilities have been discovered in FreeRDP, the worst of which could result in code execution. Versions greater than or equal to 2.11.0 are affected.

Ubuntu Security Notice USN-6522-2

Ubuntu Security Notice 6522-2 - USN-6522-1 fixed several vulnerabilities in FreeRDP. This update provides the corresponding update for Ubuntu 18.04 LTS. It was discovered that FreeRDP incorrectly handled drive redirection. If a user were tricked into connection to a malicious server, a remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly obtain sensitive information. It was discovered that FreeRDP incorrectly handled certain surface updates. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2023-39352: Invalid offset validation leading to Out Of Bound Write

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an invalid offset validation leading to Out Of Bound Write. This can be triggered when the values `rect->left` and `rect->top` are exactly equal to `surface->width` and `surface->height`. eg. `rect->left` == `surface->width` && `rect->top` == `surface->height`. In practice this should cause a crash. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE-2023-39356: Missing offset validation leading to Out-of-Bounds Read in gdi_multi_opaque_rect

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a missing offset validation may lead to an Out Of Bound Read in the function `gdi_multi_opaque_rect`. In particular there is no code to validate if the value `multi_opaque_rect->numRectangles` is less than 45. Looping through `multi_opaque_rect->`numRectangles without proper boundary checks can lead to Out-of-Bounds Read errors which will likely lead to a crash. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Red Hat Security Advisory 2023-2851-01

Red Hat Security Advisory 2023-2851-01 - FreeRDP is a free implementation of the Remote Desktop Protocol, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Issues addressed include buffer overflow and out of bounds read vulnerabilities.

RHSA-2023:2851: Red Hat Security Advisory: freerdp security update

An update for freerdp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-39282: A vulnerability was found in FreeRDP where clients on UNIX systems using /parallel command line switch might read uninitialized data and send it to the client's server. The vulnerability allows a remote attacker to gain access to sensitive information. * CVE-2022-39283: A vulnerability was found in FreeRDP where all clients using the /video comma...

RHSA-2023:2326: Red Hat Security Advisory: freerdp security update

An update for freerdp is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-39282: A vulnerability was found in FreeRDP where clients on UNIX systems using /parallel command line switch might read uninitialized data and send it to the client's server. The vulnerability allows a remote attacker to gain access to sensitive information. * CVE-2022-39283: A vulnerability was found in FreeRDP where all clients using the /video comma...

CVE-2022-41877: Missing input length validation in `drive` channel

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in `drive` channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. This issue has been addressed in version 2.9.0 and all users are advised to upgrade. Users unable to upgrade should not use the drive redirection channel - command line options `/drive`, `+drives` or `+home-drive`.

Packet Storm: Latest News

Acronis Cyber Protect/Backup Remote Code Execution