Anolis OS update for freerdp (Anolis OS 8.4)



| Updated: 2025-03-29
Risk High
Patch available YES
Number of vulnerabilities 28
CVE-ID CVE-2021-41159
CVE-2021-41160
CVE-2020-11018
CVE-2020-11019
CVE-2020-11038
CVE-2020-11039
CVE-2020-11040
CVE-2020-11041
CVE-2020-11043
CVE-2020-11058
CVE-2020-11085
CVE-2020-11086
CVE-2020-11087
CVE-2020-11088
CVE-2020-11089
CVE-2020-11095
CVE-2020-11096
CVE-2020-11097
CVE-2020-11098
CVE-2020-11099
CVE-2020-11522
CVE-2020-11525
CVE-2020-11526
CVE-2020-13396
CVE-2020-13397
CVE-2020-15103
CVE-2020-4030
CVE-2020-4033
CWE-ID CWE-787
CWE-125
CWE-190
CWE-129
Exploitation vector Network
Public exploit Public exploit code for vulnerability #23 is available.
Vulnerable software
 Anolis OS
Operating systems & Components / Operating system

libwinpr-devel
Operating systems & Components / Operating system package or component

libwinpr
Operating systems & Components / Operating system package or component

freerdp-libs
Operating systems & Components / Operating system package or component

freerdp
Operating systems & Components / Operating system package or component

Vendor OpenAnolis

Security Bulletin

This security bulletin contains information about 28 vulnerabilities.

1) Out-of-bounds write

EUVDB-ID: #VU57585

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2021-41159

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing /gt:rpc connections. A remote server can send specially crafted data to the client, trigger an out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

libwinpr-devel: before 2.2.0-6

libwinpr: before 2.2.0-6

freerdp-libs: before 2.2.0-6

freerdp: before 2.2.0-6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2021:0197


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds write

EUVDB-ID: #VU57584

Risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2021-41160

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing connections with GDI or SurfaceCommands. A remote server can send specially crafted data to the client, trigger an out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

libwinpr-devel: before 2.2.0-6

libwinpr: before 2.2.0-6

freerdp-libs: before 2.2.0-6

freerdp: before 2.2.0-6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2021:0197


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Out-of-bounds read

EUVDB-ID: #VU28502

Risk: Medium

CVSSv4.0: 5.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-11018

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information or perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in the "cliprdr_server_receive_capabilities" function. A remote authenticated attacker can send a specially crafted request, trigger out-of-bounds read error and read contents of memory on the system or cause a denial of service condition.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

libwinpr-devel: before 2.2.0-6

libwinpr: before 2.2.0-6

freerdp-libs: before 2.2.0-6

freerdp: before 2.2.0-6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2021:0197


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Out-of-bounds read

EUVDB-ID: #VU28503

Risk: High

CVSSv4.0: 5.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2020-11019

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information or perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in "update_recv" function, when running with logger set to "WLOG_TRACE". A remote authenticated attacker can trigger out-of-bounds read error and read contents of memory on the system or cause a denial of service condition.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

libwinpr-devel: before 2.2.0-6

libwinpr: before 2.2.0-6

freerdp-libs: before 2.2.0-6

freerdp: before 2.2.0-6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2021:0197


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Integer overflow

EUVDB-ID: #VU28504

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2020-11038

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in VIDEO channel. A remote attacker can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

libwinpr-devel: before 2.2.0-6

libwinpr: before 2.2.0-6

freerdp-libs: before 2.2.0-6

freerdp: before 2.2.0-6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2021:0197


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Integer overflow

EUVDB-ID: #VU28505

Risk: High

CVSSv4.0: 5.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2020-11039

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow in USB redirection channel. A remote attacker can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

libwinpr-devel: before 2.2.0-6

libwinpr: before 2.2.0-6

freerdp-libs: before 2.2.0-6

freerdp: before 2.2.0-6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2021:0197


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Out-of-bounds read

EUVDB-ID: #VU28506

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-11040

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the "clear_decompress_subcode_rlex" function, visualized on screen as color. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

libwinpr-devel: before 2.2.0-6

libwinpr: before 2.2.0-6

freerdp-libs: before 2.2.0-6

freerdp: before 2.2.0-6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2021:0197


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Improper Validation of Array Index

EUVDB-ID: #VU28507

Risk: Low

CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-11041

CWE-ID: CWE-129 - Improper Validation of Array Index

Exploit availability: No

Description

The vulnerability allows a remote user to perform a denal of service (DoS) attack.

The vulnerability exists due to unchecked read of array offset in "rdpsnd_recv_wave2_pdu". A remote administrator can crash the client instance followed by no or distorted sound or a session disconnect.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

libwinpr-devel: before 2.2.0-6

libwinpr: before 2.2.0-6

freerdp-libs: before 2.2.0-6

freerdp: before 2.2.0-6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2021:0197


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Out-of-bounds read

EUVDB-ID: #VU28508

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-11043

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to a boundary condition in the "rfx_process_message_tileset" function. A remote attacker can trigger out-of-bounds read error, results in garbage on screen (as colors).

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

libwinpr-devel: before 2.2.0-6

libwinpr: before 2.2.0-6

freerdp-libs: before 2.2.0-6

freerdp: before 2.2.0-6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2021:0197


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Out-of-bounds read

EUVDB-ID: #VU27973

Risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-11058

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in "rdp_read_font_capability_set". A remote authenticated attacker can trigger out-of-bounds read error and cause a denial of service condition on the target system.

Note: This vulnerability affects versions after 1.1

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

libwinpr-devel: before 2.2.0-6

libwinpr: before 2.2.0-6

freerdp-libs: before 2.2.0-6

freerdp: before 2.2.0-6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2021:0197


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Out-of-bounds read

EUVDB-ID: #VU28509

Risk: Medium

CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-11085

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information or perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in the "cliprdr_read_format_list" function. A remote authenticated attacker can trigger out-of-bounds read error and read contents of memory on the system or cause a deial of service condition.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

libwinpr-devel: before 2.2.0-6

libwinpr: before 2.2.0-6

freerdp-libs: before 2.2.0-6

freerdp: before 2.2.0-6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2021:0197


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Out-of-bounds read

EUVDB-ID: #VU28510

Risk: Low

CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-11086

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the "ntlm_read_ntlm_v2_client_challenge" function. A remote authenticated attacker can trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

libwinpr-devel: before 2.2.0-6

libwinpr: before 2.2.0-6

freerdp-libs: before 2.2.0-6

freerdp: before 2.2.0-6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2021:0197


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Out-of-bounds read

EUVDB-ID: #VU28513

Risk: Low

CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-11087

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the "ntlm_read_AuthenticateMessage" function. A remote authenticated attacker can trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

libwinpr-devel: before 2.2.0-6

libwinpr: before 2.2.0-6

freerdp-libs: before 2.2.0-6

freerdp: before 2.2.0-6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2021:0197


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Out-of-bounds read

EUVDB-ID: #VU28512

Risk: Low

CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-11088

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the "ntlm_read_NegotiateMessage" function. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

libwinpr-devel: before 2.2.0-6

libwinpr: before 2.2.0-6

freerdp-libs: before 2.2.0-6

freerdp: before 2.2.0-6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2021:0197


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Out-of-bounds read

EUVDB-ID: #VU28511

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-11089

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in the "parallel_process_irp_create", "serial_process_irp_create", "drive_process_irp_write", "printer_process_irp_write", "rdpei_recv_pdu" and "serial_process_irp_write" functions. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

libwinpr-devel: before 2.2.0-6

libwinpr: before 2.2.0-6

freerdp-libs: before 2.2.0-6

freerdp: before 2.2.0-6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2021:0197


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Out-of-bounds read

EUVDB-ID: #VU29363

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-11095

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in "update_recv_primary_order". A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

libwinpr-devel: before 2.2.0-6

libwinpr: before 2.2.0-6

freerdp-libs: before 2.2.0-6

freerdp: before 2.2.0-6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2021:0197


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Out-of-bounds read

EUVDB-ID: #VU29364

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-11096

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in "update_read_cache_bitmap_v3_order". A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

libwinpr-devel: before 2.2.0-6

libwinpr: before 2.2.0-6

freerdp-libs: before 2.2.0-6

freerdp: before 2.2.0-6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2021:0197


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Out-of-bounds read

EUVDB-ID: #VU29365

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-11097

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in "ntlm_av_pair_get". A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

libwinpr-devel: before 2.2.0-6

libwinpr: before 2.2.0-6

freerdp-libs: before 2.2.0-6

freerdp: before 2.2.0-6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2021:0197


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Out-of-bounds read

EUVDB-ID: #VU29366

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-11098

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in "glyph_cache_put" when "+glyph-cache" option is enabled. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

libwinpr-devel: before 2.2.0-6

libwinpr: before 2.2.0-6

freerdp-libs: before 2.2.0-6

freerdp: before 2.2.0-6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2021:0197


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Out-of-bounds read

EUVDB-ID: #VU29367

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-11099

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in "license_read_new_or_upgrade_license_packet". A remote attacker can send a specially crafted license packet, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

libwinpr-devel: before 2.2.0-6

libwinpr: before 2.2.0-6

freerdp-libs: before 2.2.0-6

freerdp: before 2.2.0-6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2021:0197


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Out-of-bounds read

EUVDB-ID: #VU27987

Risk: High

CVSSv4.0: 4.8 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2020-11522

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information or perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in "libfreerdp/gdi/gdi.c". A remote attacker can trigger out-of-bounds read error and read contents of memory on the system or cause a denial of service condition.

Note: This vulnerability afffects versions greater than 1.0

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

libwinpr-devel: before 2.2.0-6

libwinpr: before 2.2.0-6

freerdp-libs: before 2.2.0-6

freerdp: before 2.2.0-6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2021:0197


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Out-of-bounds read

EUVDB-ID: #VU27982

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-11525

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in "libfreerdp/cache/bitmap.c". A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.

Note: This vulnerability affects versions greater than 1.0

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

libwinpr-devel: before 2.2.0-6

libwinpr: before 2.2.0-6

freerdp-libs: before 2.2.0-6

freerdp: before 2.2.0-6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2021:0197


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Out-of-bounds read

EUVDB-ID: #VU27971

Risk: Medium

CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2020-11526

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack

The vulnerability exists due to a boundary condition in "update_recv_secondary_order" function in the "libfreerdp/core/update.c" file. A remote attacker can trigger out-of-bounds read error and cause a denial of service condition on the target system.

Note: This vulnerability affects verions greater than 1.1

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

libwinpr-devel: before 2.2.0-6

libwinpr: before 2.2.0-6

freerdp-libs: before 2.2.0-6

freerdp: before 2.2.0-6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2021:0197


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

24) Out-of-bounds read

EUVDB-ID: #VU28200

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-13396

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c. A remote attacker can trigger out-of-bounds read error via a specially crafted authentication message and read contents of memory on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

libwinpr-devel: before 2.2.0-6

libwinpr: before 2.2.0-6

freerdp-libs: before 2.2.0-6

freerdp: before 2.2.0-6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2021:0197


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Out-of-bounds read

EUVDB-ID: #VU28201

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-13397

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

libwinpr-devel: before 2.2.0-6

libwinpr: before 2.2.0-6

freerdp-libs: before 2.2.0-6

freerdp: before 2.2.0-6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2021:0197


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Integer overflow

EUVDB-ID: #VU32882

Risk: Low

CVSSv4.0: 0.4 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-15103

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow due to missing input sanitation in rdpegfx channel. A remote attacker can trick the victim to connect to a malicious server and perform a denial of service attack.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

libwinpr-devel: before 2.2.0-6

libwinpr: before 2.2.0-6

freerdp-libs: before 2.2.0-6

freerdp: before 2.2.0-6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2021:0197


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Out-of-bounds read

EUVDB-ID: #VU29359

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-4030

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in TrioParse. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

libwinpr-devel: before 2.2.0-6

libwinpr: before 2.2.0-6

freerdp-libs: before 2.2.0-6

freerdp: before 2.2.0-6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2021:0197


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Out-of-bounds read

EUVDB-ID: #VU29362

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-4033

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in RLEDECOMPRESS. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Anolis OS: 8

libwinpr-devel: before 2.2.0-6

libwinpr: before 2.2.0-6

freerdp-libs: before 2.2.0-6

freerdp: before 2.2.0-6

CPE2.3 External links

https://anas.openanolis.cn/errata/detail/ANSA-2021:0197


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###