Red Hat Enterprise Linux 8 update for freerdp and vinagre
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 25 |
| CVE-ID | CVE-2020-11018 CVE-2020-11058 CVE-2020-13397 CVE-2020-13396 CVE-2020-11526 CVE-2020-11525 CVE-2020-11522 CVE-2020-11089 CVE-2020-11088 CVE-2020-11087 CVE-2020-11086 CVE-2020-11085 CVE-2020-11049 CVE-2020-11019 CVE-2020-11048 CVE-2020-11047 CVE-2020-11046 CVE-2020-11045 CVE-2020-11044 CVE-2020-11043 CVE-2020-11042 CVE-2020-11041 CVE-2020-11040 CVE-2020-11039 CVE-2020-11038 |
| CWE-ID | CWE-125 CWE-415 CWE-129 CWE-190 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #5 is available. |
| Vulnerable software Subscribe |
freerdp (Red Hat package) Operating systems & Components / Operating system package or component vinagre (Red Hat package) Operating systems & Components / Operating system package or component Red Hat CodeReady Linux Builder for ARM 64 Operating systems & Components / Operating system Red Hat CodeReady Linux Builder for Power, little endian Operating systems & Components / Operating system Red Hat CodeReady Linux Builder for x86_64 Operating systems & Components / Operating system Red Hat Enterprise Linux for ARM 64 Operating systems & Components / Operating system Red Hat Enterprise Linux for Power, little endian Operating systems & Components / Operating system Red Hat Enterprise Linux for IBM z Systems Operating systems & Components / Operating system Red Hat Enterprise Linux for x86_64 Operating systems & Components / Operating system |
| Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains information about 25 vulnerabilities.
1) Out-of-bounds read
EUVDB-ID: #VU28502
Risk: Medium
CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11018
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information or perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition in the "cliprdr_server_receive_capabilities" function. A remote authenticated attacker can send a specially crafted request, trigger out-of-bounds read error and read contents of memory on the system or cause a denial of service condition.
MitigationInstall updates from vendor's website.
freerdp (Red Hat package): 2.0.0-46.rc4.el8_0.2 - 2.0.0-46.rc4.el8_2.2
vinagre (Red Hat package): 3.22.0-21.el8
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
External linkshttp://access.redhat.com/errata/RHSA-2020:4647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Out-of-bounds read
EUVDB-ID: #VU27973
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11058
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition in "rdp_read_font_capability_set". A remote authenticated attacker can trigger out-of-bounds read error and cause a denial of service condition on the target system.
Note: This vulnerability affects versions after 1.1
MitigationInstall updates from vendor's website.
freerdp (Red Hat package): 2.0.0-46.rc4.el8_0.2 - 2.0.0-46.rc4.el8_2.2
vinagre (Red Hat package): 3.22.0-21.el8
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
External linkshttp://access.redhat.com/errata/RHSA-2020:4647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Out-of-bounds read
EUVDB-ID: #VU28201
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-13397
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.
MitigationInstall updates from vendor's website.
freerdp (Red Hat package): 2.0.0-46.rc4.el8_0.2 - 2.0.0-46.rc4.el8_2.2
vinagre (Red Hat package): 3.22.0-21.el8
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
External linkshttp://access.redhat.com/errata/RHSA-2020:4647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Out-of-bounds read
EUVDB-ID: #VU28200
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-13396
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c. A remote attacker can trigger out-of-bounds read error via a specially crafted authentication message and read contents of memory on the system.
MitigationInstall updates from vendor's website.
freerdp (Red Hat package): 2.0.0-46.rc4.el8_0.2 - 2.0.0-46.rc4.el8_2.2
vinagre (Red Hat package): 3.22.0-21.el8
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
External linkshttp://access.redhat.com/errata/RHSA-2020:4647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Out-of-bounds read
EUVDB-ID: #VU27971
Risk: Medium
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2020-11526
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack
The vulnerability exists due to a boundary condition in "update_recv_secondary_order" function in the "libfreerdp/core/update.c" file. A remote attacker can trigger out-of-bounds read error and cause a denial of service condition on the target system.
Note: This vulnerability affects verions greater than 1.1
MitigationInstall updates from vendor's website.
freerdp (Red Hat package): 2.0.0-46.rc4.el8_0.2 - 2.0.0-46.rc4.el8_2.2
vinagre (Red Hat package): 3.22.0-21.el8
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
External linkshttp://access.redhat.com/errata/RHSA-2020:4647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
6) Out-of-bounds read
EUVDB-ID: #VU27982
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11525
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in "libfreerdp/cache/bitmap.c". A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.
Note: This vulnerability affects versions greater than 1.0
MitigationInstall updates from vendor's website.
freerdp (Red Hat package): 2.0.0-46.rc4.el8_0.2 - 2.0.0-46.rc4.el8_2.2
vinagre (Red Hat package): 3.22.0-21.el8
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
External linkshttp://access.redhat.com/errata/RHSA-2020:4647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Out-of-bounds read
EUVDB-ID: #VU27987
Risk: High
CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11522
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information or perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition in "libfreerdp/gdi/gdi.c". A remote attacker can trigger out-of-bounds read error and read contents of memory on the system or cause a denial of service condition.
Note: This vulnerability afffects versions greater than 1.0
MitigationInstall updates from vendor's website.
freerdp (Red Hat package): 2.0.0-46.rc4.el8_0.2 - 2.0.0-46.rc4.el8_2.2
vinagre (Red Hat package): 3.22.0-21.el8
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
External linkshttp://access.redhat.com/errata/RHSA-2020:4647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Out-of-bounds read
EUVDB-ID: #VU28511
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11089
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in the "parallel_process_irp_create", "serial_process_irp_create", "drive_process_irp_write", "printer_process_irp_write", "rdpei_recv_pdu" and "serial_process_irp_write" functions. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.
MitigationInstall updates from vendor's website.
freerdp (Red Hat package): 2.0.0-46.rc4.el8_0.2 - 2.0.0-46.rc4.el8_2.2
vinagre (Red Hat package): 3.22.0-21.el8
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
External linkshttp://access.redhat.com/errata/RHSA-2020:4647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Out-of-bounds read
EUVDB-ID: #VU28512
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11088
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in the "ntlm_read_NegotiateMessage" function. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.
MitigationInstall updates from vendor's website.
freerdp (Red Hat package): 2.0.0-46.rc4.el8_0.2 - 2.0.0-46.rc4.el8_2.2
vinagre (Red Hat package): 3.22.0-21.el8
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
External linkshttp://access.redhat.com/errata/RHSA-2020:4647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Out-of-bounds read
EUVDB-ID: #VU28513
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11087
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in the "ntlm_read_AuthenticateMessage" function. A remote authenticated attacker can trigger out-of-bounds read error and read contents of memory on the system.
MitigationInstall updates from vendor's website.
freerdp (Red Hat package): 2.0.0-46.rc4.el8_0.2 - 2.0.0-46.rc4.el8_2.2
vinagre (Red Hat package): 3.22.0-21.el8
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
External linkshttp://access.redhat.com/errata/RHSA-2020:4647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Out-of-bounds read
EUVDB-ID: #VU28510
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11086
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in the "ntlm_read_ntlm_v2_client_challenge" function. A remote authenticated attacker can trigger out-of-bounds read error and read contents of memory on the system.
MitigationInstall updates from vendor's website.
freerdp (Red Hat package): 2.0.0-46.rc4.el8_0.2 - 2.0.0-46.rc4.el8_2.2
vinagre (Red Hat package): 3.22.0-21.el8
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
External linkshttp://access.redhat.com/errata/RHSA-2020:4647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Out-of-bounds read
EUVDB-ID: #VU28509
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11085
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information or perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition in the "cliprdr_read_format_list" function. A remote authenticated attacker can trigger out-of-bounds read error and read contents of memory on the system or cause a deial of service condition.
MitigationInstall updates from vendor's website.
freerdp (Red Hat package): 2.0.0-46.rc4.el8_0.2 - 2.0.0-46.rc4.el8_2.2
vinagre (Red Hat package): 3.22.0-21.el8
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
External linkshttp://access.redhat.com/errata/RHSA-2020:4647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Out-of-bounds read
EUVDB-ID: #VU27976
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11049
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information or perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition in "rdp_read_share_control_header". A remote attacker can trigger out-of-bounds read error and read contents of memory on the system or cause a denial of service condition.
Note: This vulnerability afffects versions greater than 1.1
MitigationInstall updates from vendor's website.
freerdp (Red Hat package): 2.0.0-46.rc4.el8_0.2 - 2.0.0-46.rc4.el8_2.2
vinagre (Red Hat package): 3.22.0-21.el8
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
External linkshttp://access.redhat.com/errata/RHSA-2020:4647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Out-of-bounds read
EUVDB-ID: #VU28503
Risk: High
CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11019
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information or perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition in "update_recv" function, when running with logger set to "WLOG_TRACE". A remote authenticated attacker can trigger out-of-bounds read error and read contents of memory on the system or cause a denial of service condition.
MitigationInstall updates from vendor's website.
freerdp (Red Hat package): 2.0.0-46.rc4.el8_0.2 - 2.0.0-46.rc4.el8_2.2
vinagre (Red Hat package): 3.22.0-21.el8
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
External linkshttp://access.redhat.com/errata/RHSA-2020:4647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Out-of-bounds read
EUVDB-ID: #VU27977
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11048
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition in "rdp_read_flow_control_pdu". A remote authenticated attacker can trigger out-of-bounds read error and cause a denial of service condition on the target system.
Note: This vulnerability affects versions after 1.0
MitigationInstall updates from vendor's website.
freerdp (Red Hat package): 2.0.0-46.rc4.el8_0.2 - 2.0.0-46.rc4.el8_2.2
vinagre (Red Hat package): 3.22.0-21.el8
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
External linkshttp://access.redhat.com/errata/RHSA-2020:4647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Out-of-bounds read
EUVDB-ID: #VU27975
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11047
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in "autodetect_recv_bandwidth_measure_results". A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.
Note: This vulnerability affects versions greater than 1.1
MitigationInstall updates from vendor's website.
freerdp (Red Hat package): 2.0.0-46.rc4.el8_0.2 - 2.0.0-46.rc4.el8_2.2
vinagre (Red Hat package): 3.22.0-21.el8
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
External linkshttp://access.redhat.com/errata/RHSA-2020:4647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Out-of-bounds read
EUVDB-ID: #VU27978
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11046
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition in "update_read_synchronize". A remote attacker can trigger out-of-bounds read error and cause a denial of service condition on the target system.
Note: This vulnerability affects versions after 1.0
MitigationInstall updates from vendor's website.
freerdp (Red Hat package): 2.0.0-46.rc4.el8_0.2 - 2.0.0-46.rc4.el8_2.2
vinagre (Red Hat package): 3.22.0-21.el8
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
External linkshttp://access.redhat.com/errata/RHSA-2020:4647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Out-of-bounds read
EUVDB-ID: #VU27980
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11045
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in "update_read_bitmap_data". A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.
Note: This vulnerability affects versions after 1.0
MitigationInstall updates from vendor's website.
freerdp (Red Hat package): 2.0.0-46.rc4.el8_0.2 - 2.0.0-46.rc4.el8_2.2
vinagre (Red Hat package): 3.22.0-21.el8
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
External linkshttp://access.redhat.com/errata/RHSA-2020:4647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Double Free
EUVDB-ID: #VU27970
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11044
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in "update_read_cache_bitmap_v3_order". A remote attacker can pass specially crafted data to the application, trigger double free error and cause a denal of service condition on the target system.
Note: This vulnerability affects versions greater than 1.2
MitigationInstall updates from vendor's website.
freerdp (Red Hat package): 2.0.0-46.rc4.el8_0.2 - 2.0.0-46.rc4.el8_2.2
vinagre (Red Hat package): 3.22.0-21.el8
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
External linkshttp://access.redhat.com/errata/RHSA-2020:4647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Out-of-bounds read
EUVDB-ID: #VU28508
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11043
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to a boundary condition in the "rfx_process_message_tileset" function. A remote attacker can trigger out-of-bounds read error, results in garbage on screen (as colors).
MitigationInstall updates from vendor's website.
freerdp (Red Hat package): 2.0.0-46.rc4.el8_0.2 - 2.0.0-46.rc4.el8_2.2
vinagre (Red Hat package): 3.22.0-21.el8
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
External linkshttp://access.redhat.com/errata/RHSA-2020:4647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Out-of-bounds read
EUVDB-ID: #VU27974
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11042
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information or perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition in "update_read_icon_info". A remote attacker can trigger out-of-bounds read error and read contents of memory on the system or cause a denial of service condition.
Note: This vulnerability afffects versions greater than 1.1
MitigationInstall updates from vendor's website.
freerdp (Red Hat package): 2.0.0-46.rc4.el8_0.2 - 2.0.0-46.rc4.el8_2.2
vinagre (Red Hat package): 3.22.0-21.el8
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
External linkshttp://access.redhat.com/errata/RHSA-2020:4647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Improper Validation of Array Index
EUVDB-ID: #VU28507
Risk: Low
CVSSv3.1: 2 [CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11041
CWE-ID:
CWE-129 - Improper Validation of Array Index
Exploit availability: No
DescriptionThe vulnerability allows a remote user to perform a denal of service (DoS) attack.
The vulnerability exists due to unchecked read of array offset in "rdpsnd_recv_wave2_pdu". A remote administrator can crash the client instance followed by no or distorted sound or a session disconnect.
MitigationInstall updates from vendor's website.
freerdp (Red Hat package): 2.0.0-46.rc4.el8_0.2 - 2.0.0-46.rc4.el8_2.2
vinagre (Red Hat package): 3.22.0-21.el8
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
External linkshttp://access.redhat.com/errata/RHSA-2020:4647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Out-of-bounds read
EUVDB-ID: #VU28506
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11040
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in the "clear_decompress_subcode_rlex" function, visualized on screen as color. A remote attacker can trigger out-of-bounds read error and read contents of memory on the system.
MitigationInstall updates from vendor's website.
freerdp (Red Hat package): 2.0.0-46.rc4.el8_0.2 - 2.0.0-46.rc4.el8_2.2
vinagre (Red Hat package): 3.22.0-21.el8
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
External linkshttp://access.redhat.com/errata/RHSA-2020:4647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Integer overflow
EUVDB-ID: #VU28505
Risk: High
CVSSv3.1: 7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11039
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow in USB redirection channel. A remote attacker can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
freerdp (Red Hat package): 2.0.0-46.rc4.el8_0.2 - 2.0.0-46.rc4.el8_2.2
vinagre (Red Hat package): 3.22.0-21.el8
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
External linkshttp://access.redhat.com/errata/RHSA-2020:4647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Integer overflow
EUVDB-ID: #VU28504
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-11038
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow in VIDEO channel. A remote attacker can pass specially crafted data to the application, trigger integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
freerdp (Red Hat package): 2.0.0-46.rc4.el8_0.2 - 2.0.0-46.rc4.el8_2.2
vinagre (Red Hat package): 3.22.0-21.el8
Red Hat CodeReady Linux Builder for ARM 64: 8.0
Red Hat CodeReady Linux Builder for Power, little endian: 8.0
Red Hat CodeReady Linux Builder for x86_64: 8.0
Red Hat Enterprise Linux for ARM 64: 8
Red Hat Enterprise Linux for Power, little endian: 8
Red Hat Enterprise Linux for IBM z Systems: 8
Red Hat Enterprise Linux for x86_64: 8.0
External linkshttp://access.redhat.com/errata/RHSA-2020:4647
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
