Bugzilla – Bug 1120507
VUL-0: CVE-2018-1000852: freerdp: out of bounds read in drdynvc_process_capability_request
Last modified: 2024-06-26 10:31:20 UTC
FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memory.. This attack appear to be exploitable via RDPClient must connect the rdp server with echo option. This vulnerability appears to have been fixed in after commit 205c612820dac644d665b5bb1cdf437dc5ca01e3. References: https://bugzilla.redhat.com/show_bug.cgi?id=1661640 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1000852 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000852 https://github.com/FreeRDP/FreeRDP/issues/4866 https://github.com/FreeRDP/FreeRDP/pull/4871 https://github.com/FreeRDP/FreeRDP/pull/4871/commits/baee520e3dd9be6511c45a14c5f5e77784de1471
SUSE-SU-2019:0134-1: An update that solves 8 vulnerabilities and has two fixes is now available. Category: security (important) Bug References: 1085416,1087240,1104918,1116708,1117963,1117964,1117965,1117966,1117967,1120507 CVE References: CVE-2018-0886,CVE-2018-1000852,CVE-2018-8784,CVE-2018-8785,CVE-2018-8786,CVE-2018-8787,CVE-2018-8788,CVE-2018-8789 Sources used: SUSE Linux Enterprise Workstation Extension 12-SP4 (src): freerdp-2.0.0~git.1463131968.4e66df7-12.8.1 SUSE Linux Enterprise Workstation Extension 12-SP3 (src): freerdp-2.0.0~git.1463131968.4e66df7-12.8.1 SUSE Linux Enterprise Software Development Kit 12-SP4 (src): freerdp-2.0.0~git.1463131968.4e66df7-12.8.1 SUSE Linux Enterprise Software Development Kit 12-SP3 (src): freerdp-2.0.0~git.1463131968.4e66df7-12.8.1 SUSE Linux Enterprise Desktop 12-SP4 (src): freerdp-2.0.0~git.1463131968.4e66df7-12.8.1 SUSE Linux Enterprise Desktop 12-SP3 (src): freerdp-2.0.0~git.1463131968.4e66df7-12.8.1
Fix released. Reassign to security experts.
openSUSE-SU-2019:0096-1: An update that solves 8 vulnerabilities and has two fixes is now available. Category: security (important) Bug References: 1085416,1087240,1104918,1116708,1117963,1117964,1117965,1117966,1117967,1120507 CVE References: CVE-2018-0886,CVE-2018-1000852,CVE-2018-8784,CVE-2018-8785,CVE-2018-8786,CVE-2018-8787,CVE-2018-8788,CVE-2018-8789 Sources used: openSUSE Leap 42.3 (src): freerdp-2.0.0~git.1463131968.4e66df7-13.1
SUSE-SU-2019:0539-1: An update that solves 8 vulnerabilities and has four fixes is now available. Category: security (important) Bug References: 1085416,1087240,1103557,1104918,1112028,1116708,1117963,1117964,1117965,1117966,1117967,1120507 CVE References: CVE-2018-0886,CVE-2018-1000852,CVE-2018-8784,CVE-2018-8785,CVE-2018-8786,CVE-2018-8787,CVE-2018-8788,CVE-2018-8789 Sources used: SUSE Linux Enterprise Workstation Extension 15 (src): freerdp-2.0.0~rc4-3.3.1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src): freerdp-2.0.0~rc4-3.3.1
openSUSE-SU-2019:0325-1: An update that solves 8 vulnerabilities and has four fixes is now available. Category: security (important) Bug References: 1085416,1087240,1103557,1104918,1112028,1116708,1117963,1117964,1117965,1117966,1117967,1120507 CVE References: CVE-2018-0886,CVE-2018-1000852,CVE-2018-8784,CVE-2018-8785,CVE-2018-8786,CVE-2018-8787,CVE-2018-8788,CVE-2018-8789 Sources used: openSUSE Leap 15.0 (src): freerdp-2.0.0~rc4-lp150.2.3.1
Done
SUSE-SU-2020:2272-1: An update that fixes 46 vulnerabilities is now available. Category: security (important) Bug References: 1004108,1050699,1050704,1050708,1050711,1050712,1050714,1085416,1087240,1090677,1103557,1104918,1112028,1116708,1117963,1117964,1117965,1117966,1117967,1120507,1129193,1169679,1169748,1171441,1171443,1171444,1171445,1171446,1171447,1171674,1173247,1173605,1174200,1174321 CVE References: CVE-2017-2834,CVE-2017-2835,CVE-2017-2836,CVE-2017-2837,CVE-2017-2838,CVE-2017-2839,CVE-2018-0886,CVE-2018-1000852,CVE-2018-8784,CVE-2018-8785,CVE-2018-8786,CVE-2018-8787,CVE-2018-8788,CVE-2018-8789,CVE-2020-11017,CVE-2020-11018,CVE-2020-11019,CVE-2020-11038,CVE-2020-11039,CVE-2020-11040,CVE-2020-11041,CVE-2020-11043,CVE-2020-11085,CVE-2020-11086,CVE-2020-11087,CVE-2020-11088,CVE-2020-11089,CVE-2020-11095,CVE-2020-11096,CVE-2020-11097,CVE-2020-11098,CVE-2020-11099,CVE-2020-11521,CVE-2020-11522,CVE-2020-11523,CVE-2020-11524,CVE-2020-11525,CVE-2020-11526,CVE-2020-13396,CVE-2020-13397,CVE-2020-13398,CVE-2020-15103,CVE-2020-4030,CVE-2020-4031,CVE-2020-4032,CVE-2020-4033 JIRA References: Sources used: SUSE Linux Enterprise Workstation Extension 12-SP5 (src): freerdp-2.1.2-12.20.1, vinagre-3.20.2-16.3.3 SUSE Linux Enterprise Software Development Kit 12-SP5 (src): freerdp-2.1.2-12.20.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.