Showing 1 - 3 of 3

CVE-2022-39318

Status Candidate

Overview

FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input validation in `urbdrc` channel. A malicious server can trick a FreeRDP based client to crash with division by zero. This issue has been addressed in version 2.9.0. All users are advised to upgrade. Users unable to upgrade should not use the `/usb` redirection switch.

Related Files

Red Hat Security Advisory 2023-2851-01: Posted May 16, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-2851-01 - FreeRDP is a free implementation of the Remote Desktop Protocol, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Issues addressed include buffer overflow and out of bounds read vulnerabilities.; tags | advisory, remote, overflow, vulnerability, protocol; systems | linux, redhat, windows; advisories | CVE-2022-39282, CVE-2022-39283, CVE-2022-39316, CVE-2022-39317, CVE-2022-39318, CVE-2022-39319, CVE-2022-39320, CVE-2022-39347, CVE-2022-41877; SHA-256 | f0379894be6666fb53be81f0b55090e4710e35af72a8be9b1039e7b2dbfe5ce8; Download | Favorite | View

Red Hat Security Advisory 2023-2326-01: Posted May 9, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-2326-01 - FreeRDP is a free implementation of the Remote Desktop Protocol, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Issues addressed include buffer overflow and out of bounds read vulnerabilities.; tags | advisory, remote, overflow, vulnerability, protocol; systems | linux, redhat, windows; advisories | CVE-2022-39282, CVE-2022-39283, CVE-2022-39316, CVE-2022-39317, CVE-2022-39318, CVE-2022-39319, CVE-2022-39320, CVE-2022-39347, CVE-2022-41877; SHA-256 | aa6a2c62ee69d38a9177166d3c52b596b71c178247fd14b3cf1299101261ae67; Download | Favorite | View

Ubuntu Security Notice USN-5734-1: Posted Nov 23, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5734-1 - It was discovered that FreeRDP incorrectly handled certain data lenghts. A malicious server could use this issue to cause FreeRDP clients to crash, resulting in a denial of service, or possibly obtain sensitive information. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. It was discovered that FreeRDP incorrectly handled certain data lenghts. A malicious server could use this issue to cause FreeRDP clients to crash, resulting in a denial of service, or possibly obtain sensitive information.; tags | advisory, denial of service; systems | linux, ubuntu; advisories | CVE-2022-39282, CVE-2022-39318, CVE-2022-39320, CVE-2022-39347; SHA-256 | 9609ba4e931201e651dbbf463f2757f7ca9c25e428f66409e31b3745d1f946c1; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 410 files
Ubuntu 104 files
Debian 30 files
Rahad Chowdhury 21 files
BugsBD Limited 21 files
Gentoo 18 files
tmrswrr 14 files
Google Security Research 5 files
Ph0s 5 files
R0ckE7 5 files

File Archives

Systems

AIX (429)
Apple (2,037)
BSD (375)
CentOS (57)
Cisco (1,926)
Debian (6,914)
Fedora (1,692)
FreeBSD (1,246)
Gentoo (4,379)
HPUX (880)
iOS (363)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (47,884)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (486)
RedHat (14,645)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,149)
UNIX (9,340)
UnixWare (187)
Windows (6,607)
Other

CVE-2022-39318

Overview

Related Files

File Archive:

December 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems