SB2024042402 - Multiple vulnerabilities in FreeRDP
Published: April 24, 2024
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 5 secuirty vulnerabilities.
1) Out-of-bounds read (CVE-ID: CVE-2024-32658)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in ExtractRunLengthRegular. A remote attacker can trigger an out-of-bounds read error and read contents of memory on the system.
2) Out-of-bounds read (CVE-ID: CVE-2024-32662)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in rdp_redirection_read_base64_wchar. A remote attacker can trigger an out-of-bounds read error and read contents of memory on the system.
3) NULL pointer dereference (CVE-ID: CVE-2024-32661)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in rdp_write_logon_info_v1. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.
4) Buffer overflow (CVE-ID: CVE-2024-32660)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error. A remote attacker can trigger memory corruption and cause a denial of service condition on the target system.
5) Out-of-bounds read (CVE-ID: CVE-2024-32659)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in freerdp_image_copy. A remote attacker can trigger an out-of-bounds read error and read contents of memory on the system.
Remediation
Install update from vendor's website.
References
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vpv3-m3m9-4c2v
- https://github.com/FreeRDP/FreeRDP/commit/1a755d898ddc028cc818d0dd9d49d5acff4c44bf
- https://oss-fuzz.com/testcase-detail/4852534033317888
- https://oss-fuzz.com/testcase-detail/6196819496337408
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vffh-j6hh-95f4
- https://github.com/FreeRDP/FreeRDP/commit/626d10a94a88565d957ddc30768ed08b320049a7
- https://oss-fuzz.com/testcase-detail/4985227207311360
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-p5m5-342g-pv9m
- https://github.com/FreeRDP/FreeRDP/commit/71e463e31b4d69f4022d36bfc814592f56600793
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mxv6-2cw6-m3mx
- https://github.com/FreeRDP/FreeRDP/commit/5e5d27cf310e4c10b854be7667bfb7a5d774eb47
- https://oss-fuzz.com/testcase-detail/5559242514825216
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-8jgr-7r33-x87w
- https://github.com/FreeRDP/FreeRDP/commit/6430945ce003a5e24d454d8566f54aae1b6b617b
- https://oss-fuzz.com/testcase-detail/6156779722440704