FreeRDP is a set of free and open source remote desktop protocol library and clients. In affected versions an integer overflow in freerdp_bitmap_planar_context_reset
leads to heap-buffer overflow. This affects FreeRDP based clients. FreeRDP based server implementations and proxy are not affected. A malicious server could prepare a RDPGFX_RESET_GRAPHICS_PDU
to allocate too small buffers, possibly triggering later out of bound read/write. Data extraction over network is not possible, the buffers are used to display an image. This issue has been addressed in version 2.11.5 and 3.2.0. Users are advised to upgrade. there are no know workarounds for this vulnerability.
{ "availability": "No subscription required", "ubuntu_priority": "low", "priority_reason": "FreeRDP developers have rated this as being a low severity issue", "binaries": [ { "binary_name": "freerdp2-dev", "binary_version": "2.6.1+dfsg1-0ubuntu0.20.04.1" }, { "binary_name": "freerdp2-shadow-x11", "binary_version": "2.6.1+dfsg1-0ubuntu0.20.04.1" }, { "binary_name": "freerdp2-wayland", "binary_version": "2.6.1+dfsg1-0ubuntu0.20.04.1" }, { "binary_name": "freerdp2-x11", "binary_version": "2.6.1+dfsg1-0ubuntu0.20.04.1" }, { "binary_name": "libfreerdp-client2-2", "binary_version": "2.6.1+dfsg1-0ubuntu0.20.04.1" }, { "binary_name": "libfreerdp-server2-2", "binary_version": "2.6.1+dfsg1-0ubuntu0.20.04.1" }, { "binary_name": "libfreerdp-shadow-subsystem2-2", "binary_version": "2.6.1+dfsg1-0ubuntu0.20.04.1" }, { "binary_name": "libfreerdp-shadow2-2", "binary_version": "2.6.1+dfsg1-0ubuntu0.20.04.1" }, { "binary_name": "libfreerdp2-2", "binary_version": "2.6.1+dfsg1-0ubuntu0.20.04.1" }, { "binary_name": "libuwac0-0", "binary_version": "2.6.1+dfsg1-0ubuntu0.20.04.1" }, { "binary_name": "libuwac0-dev", "binary_version": "2.6.1+dfsg1-0ubuntu0.20.04.1" }, { "binary_name": "libwinpr-tools2-2", "binary_version": "2.6.1+dfsg1-0ubuntu0.20.04.1" }, { "binary_name": "libwinpr2-2", "binary_version": "2.6.1+dfsg1-0ubuntu0.20.04.1" }, { "binary_name": "libwinpr2-dev", "binary_version": "2.6.1+dfsg1-0ubuntu0.20.04.1" }, { "binary_name": "winpr-utils", "binary_version": "2.6.1+dfsg1-0ubuntu0.20.04.1" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "priority_reason": "FreeRDP developers have rated this as being a low severity issue", "binaries": [ { "binary_name": "freerdp2-dev", "binary_version": "2.6.1+dfsg1-3ubuntu2.6" }, { "binary_name": "freerdp2-shadow-x11", "binary_version": "2.6.1+dfsg1-3ubuntu2.6" }, { "binary_name": "freerdp2-shadow-x11-dbgsym", "binary_version": "2.6.1+dfsg1-3ubuntu2.6" }, { "binary_name": "freerdp2-wayland", "binary_version": "2.6.1+dfsg1-3ubuntu2.6" }, { "binary_name": "freerdp2-wayland-dbgsym", "binary_version": "2.6.1+dfsg1-3ubuntu2.6" }, { "binary_name": "freerdp2-x11", "binary_version": "2.6.1+dfsg1-3ubuntu2.6" }, { "binary_name": "freerdp2-x11-dbgsym", "binary_version": "2.6.1+dfsg1-3ubuntu2.6" }, { "binary_name": "libfreerdp-client2-2", "binary_version": "2.6.1+dfsg1-3ubuntu2.6" }, { "binary_name": "libfreerdp-client2-2-dbgsym", "binary_version": "2.6.1+dfsg1-3ubuntu2.6" }, { "binary_name": "libfreerdp-server2-2", "binary_version": "2.6.1+dfsg1-3ubuntu2.6" }, { "binary_name": "libfreerdp-server2-2-dbgsym", "binary_version": "2.6.1+dfsg1-3ubuntu2.6" }, { "binary_name": "libfreerdp-shadow-subsystem2-2", "binary_version": "2.6.1+dfsg1-3ubuntu2.6" }, { "binary_name": "libfreerdp-shadow-subsystem2-2-dbgsym", "binary_version": "2.6.1+dfsg1-3ubuntu2.6" }, { "binary_name": "libfreerdp-shadow2-2", "binary_version": "2.6.1+dfsg1-3ubuntu2.6" }, { "binary_name": "libfreerdp-shadow2-2-dbgsym", "binary_version": "2.6.1+dfsg1-3ubuntu2.6" }, { "binary_name": "libfreerdp2-2", "binary_version": "2.6.1+dfsg1-3ubuntu2.6" }, { "binary_name": "libfreerdp2-2-dbgsym", "binary_version": "2.6.1+dfsg1-3ubuntu2.6" }, { "binary_name": "libuwac0-0", "binary_version": "2.6.1+dfsg1-3ubuntu2.6" }, { "binary_name": "libuwac0-0-dbgsym", "binary_version": "2.6.1+dfsg1-3ubuntu2.6" }, { "binary_name": "libuwac0-dev", "binary_version": "2.6.1+dfsg1-3ubuntu2.6" }, { "binary_name": "libwinpr-tools2-2", "binary_version": "2.6.1+dfsg1-3ubuntu2.6" }, { "binary_name": "libwinpr-tools2-2-dbgsym", "binary_version": "2.6.1+dfsg1-3ubuntu2.6" }, { "binary_name": "libwinpr2-2", "binary_version": "2.6.1+dfsg1-3ubuntu2.6" }, { "binary_name": "libwinpr2-2-dbgsym", "binary_version": "2.6.1+dfsg1-3ubuntu2.6" }, { "binary_name": "libwinpr2-dev", "binary_version": "2.6.1+dfsg1-3ubuntu2.6" }, { "binary_name": "winpr-utils", "binary_version": "2.6.1+dfsg1-3ubuntu2.6" }, { "binary_name": "winpr-utils-dbgsym", "binary_version": "2.6.1+dfsg1-3ubuntu2.6" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "priority_reason": "FreeRDP developers have rated this as being a low severity issue", "binaries": [ { "binary_name": "freerdp2-dev", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "freerdp2-shadow-x11", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "freerdp2-shadow-x11-dbgsym", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "freerdp2-wayland", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "freerdp2-wayland-dbgsym", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "freerdp2-x11", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "freerdp2-x11-dbgsym", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libfreerdp-client2-2t64", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libfreerdp-client2-2t64-dbgsym", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libfreerdp-server2-2t64", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libfreerdp-server2-2t64-dbgsym", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libfreerdp-shadow-subsystem2-2t64", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libfreerdp-shadow-subsystem2-2t64-dbgsym", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libfreerdp-shadow2-2t64", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libfreerdp-shadow2-2t64-dbgsym", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libfreerdp2-2t64", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libfreerdp2-2t64-dbgsym", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libuwac0-0t64", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libuwac0-0t64-dbgsym", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libuwac0-dev", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libwinpr-tools2-2t64", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libwinpr-tools2-2t64-dbgsym", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libwinpr2-2t64", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libwinpr2-2t64-dbgsym", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libwinpr2-dev", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "winpr-utils", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "winpr-utils-dbgsym", "binary_version": "2.11.5+dfsg1-1build2" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "priority_reason": "FreeRDP developers have rated this as being a low severity issue", "binaries": [ { "binary_name": "freerdp3-dev", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "freerdp3-shadow-x11", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "freerdp3-shadow-x11-dbgsym", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "freerdp3-wayland", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "freerdp3-wayland-dbgsym", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "freerdp3-x11", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "freerdp3-x11-dbgsym", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libfreerdp-client3-3", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libfreerdp-client3-3-dbgsym", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libfreerdp-server3-3", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libfreerdp-server3-3-dbgsym", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libfreerdp-shadow-subsystem3-3", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libfreerdp-shadow-subsystem3-3-dbgsym", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libfreerdp-shadow3-3", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libfreerdp-shadow3-3-dbgsym", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libfreerdp3-3", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libfreerdp3-3-dbgsym", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libwinpr-tools3-3", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libwinpr-tools3-3-dbgsym", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libwinpr3-3", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libwinpr3-3-dbgsym", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libwinpr3-dev", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "winpr3-utils", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "winpr3-utils-dbgsym", "binary_version": "3.5.0+dfsg1-0ubuntu1" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "priority_reason": "FreeRDP developers have rated this as being a low severity issue", "binaries": [ { "binary_name": "freerdp2-dev", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "freerdp2-shadow-x11", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "freerdp2-shadow-x11-dbgsym", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "freerdp2-wayland", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "freerdp2-wayland-dbgsym", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "freerdp2-x11", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "freerdp2-x11-dbgsym", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libfreerdp-client2-2t64", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libfreerdp-client2-2t64-dbgsym", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libfreerdp-server2-2t64", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libfreerdp-server2-2t64-dbgsym", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libfreerdp-shadow-subsystem2-2t64", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libfreerdp-shadow-subsystem2-2t64-dbgsym", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libfreerdp-shadow2-2t64", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libfreerdp-shadow2-2t64-dbgsym", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libfreerdp2-2t64", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libfreerdp2-2t64-dbgsym", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libuwac0-0t64", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libuwac0-0t64-dbgsym", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libuwac0-dev", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libwinpr-tools2-2t64", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libwinpr-tools2-2t64-dbgsym", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libwinpr2-2t64", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libwinpr2-2t64-dbgsym", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "libwinpr2-dev", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "winpr-utils", "binary_version": "2.11.5+dfsg1-1build2" }, { "binary_name": "winpr-utils-dbgsym", "binary_version": "2.11.5+dfsg1-1build2" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "priority_reason": "FreeRDP developers have rated this as being a low severity issue", "binaries": [ { "binary_name": "freerdp3-dev", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "freerdp3-shadow-x11", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "freerdp3-shadow-x11-dbgsym", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "freerdp3-wayland", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "freerdp3-wayland-dbgsym", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "freerdp3-x11", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "freerdp3-x11-dbgsym", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libfreerdp-client3-3", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libfreerdp-client3-3-dbgsym", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libfreerdp-server3-3", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libfreerdp-server3-3-dbgsym", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libfreerdp-shadow-subsystem3-3", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libfreerdp-shadow-subsystem3-3-dbgsym", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libfreerdp-shadow3-3", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libfreerdp-shadow3-3-dbgsym", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libfreerdp3-3", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libfreerdp3-3-dbgsym", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libwinpr-tools3-3", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libwinpr-tools3-3-dbgsym", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libwinpr3-3", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libwinpr3-3-dbgsym", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "libwinpr3-dev", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "winpr3-utils", "binary_version": "3.5.0+dfsg1-0ubuntu1" }, { "binary_name": "winpr3-utils-dbgsym", "binary_version": "3.5.0+dfsg1-0ubuntu1" } ] }