ASA-202006-15 log original external raw

[ASA-202006-15] freerdp: multiple issues
Arch Linux Security Advisory ASA-202006-15 ========================================== Severity: High Date : 2020-06-28 CVE-ID : CVE-2020-4030 CVE-2020-4031 CVE-2020-4032 CVE-2020-4033 CVE-2020-11095 CVE-2020-11096 CVE-2020-11097 CVE-2020-11098 CVE-2020-11099 Package : freerdp Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1193 Summary ======= The package freerdp before version 2:2.1.2-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure. Resolution ========== Upgrade to 2:2.1.2-1. # pacman -Syu "freerdp>=2:2.1.2-1" The problems have been fixed upstream in version 2.1.2. Workaround ========== None. Description =========== - CVE-2020-4030 (information disclosure) An out-of-bounds read has been found in FreeRDP before 2.1.2, where logging might bypass string length checks due to an integer overflow. - CVE-2020-4031 (arbitrary code execution) A use-after-free vulnerability has been found in FreeRDP before 2.1.2, in gdi_SelectObject(). Clients using compatibility mode enabled with /relax-order-checks are affected. - CVE-2020-4032 (information disclosure) An integer casting vulnerability leading to an out-of-bounds read has been found in FreeRDP before 2.1.2, in update_recv_secondary_order(), on clients with +glyph-cache or /relax-order-checks options enabled. - CVE-2020-4033 (information disclosure) An out-of-bounds read of up to 4 bytes has been found in FreeRDP before 2.1.2, affecting all FreeRDP based clients with sessions with color depth < 32. - CVE-2020-11095 (information disclosure) A global out-of-bounds read has been found in FreeRDP before 2.1.2, in update_recv_primary_order. - CVE-2020-11096 (information disclosure) An out-of-bounds read has been found in FreeRDP before 2.1.2, in update_read_cache_bitmap_v3_order(). - CVE-2020-11097 (information disclosure) An out-of-bounds read has been found in FreeRDP before 2.1.2, in ntlm_av_pair_get(). - CVE-2020-11098 (information disclosure) An out-of-bounds read has been found in FreeRDP before 2.1.2, in glyph_cache_put. This issue only exists when glyph-cache is enabled, which is not the case by default. - CVE-2020-11099 (information disclosure) An out-of-bounds read has been found in FreeRDP before 2.1.2, in license_read_new_or_upgrade_license_packet(). Impact ====== A remote attacker might be able to access sensitive information or crash the application via a crafted RDP session. A malicious server, or an attacker in position of man-in-the-middle might be able to execute arbitrary code on the affected host. References ========== http://www.freerdp.com/2020/06/22/2_1_2-released https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-fjr5-97f5-qq98 https://github.com/FreeRDP/FreeRDP/commit/05cd9ea2290d23931f615c1b004d4b2e69074e27 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-gwcq-hpq2-m74g https://github.com/FreeRDP/FreeRDP/commit/6d86e20e1e7caaab4f0c7f89e36d32914dbccc52 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-3898-mc89-x2vc https://github.com/FreeRDP/FreeRDP/commit/e7bffa64ef5ed70bac94f823e2b95262642f5296 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7rhj-856w-82p8 https://github.com/FreeRDP/FreeRDP/commit/0a98c450c58ec150e44781c89aa6f8e7e0f571f5 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-563r-pvh7-4fw2 https://github.com/FreeRDP/FreeRDP/commit/733ee3208306b1ea32697b356c0215180fc3f049 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mjw7-3mq2-996x https://github.com/FreeRDP/FreeRDP/commit/b8beb55913471952f92770c90c372139d78c16c0 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-c8x2-c3c9-9r3f https://github.com/FreeRDP/FreeRDP/commit/58a3122250d54de3a944c487776bcd4d1da4721e https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-jr57-f58x-hjmv https://github.com/FreeRDP/FreeRDP/commit/c0fd449ec0870b050d350d6d844b1ea6dad4bc7d https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-977w-866x-4v5h https://github.com/FreeRDP/FreeRDP/commit/6ade7b4cbfd71c54b3d724e8f2d6ac76a58e879a https://security.archlinux.org/CVE-2020-4030 https://security.archlinux.org/CVE-2020-4031 https://security.archlinux.org/CVE-2020-4032 https://security.archlinux.org/CVE-2020-4033 https://security.archlinux.org/CVE-2020-11095 https://security.archlinux.org/CVE-2020-11096 https://security.archlinux.org/CVE-2020-11097 https://security.archlinux.org/CVE-2020-11098 https://security.archlinux.org/CVE-2020-11099

[ASA-202006-15] freerdp: multiple issues

Arch Linux Security Advisory ASA-202006-15 ========================================== Severity: High Date : 2020-06-28 CVE-ID : CVE-2020-4030 CVE-2020-4031 CVE-2020-4032 CVE-2020-4033 CVE-2020-11095 CVE-2020-11096 CVE-2020-11097 CVE-2020-11098 CVE-2020-11099 Package : freerdp Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1193 Summary ======= The package freerdp before version 2:2.1.2-1 is vulnerable to multiple issues including arbitrary code execution and information disclosure. Resolution ========== Upgrade to 2:2.1.2-1. # pacman -Syu "freerdp>=2:2.1.2-1" The problems have been fixed upstream in version 2.1.2. Workaround ========== None. Description =========== - CVE-2020-4030 (information disclosure) An out-of-bounds read has been found in FreeRDP before 2.1.2, where logging might bypass string length checks due to an integer overflow. - CVE-2020-4031 (arbitrary code execution) A use-after-free vulnerability has been found in FreeRDP before 2.1.2, in gdi_SelectObject(). Clients using compatibility mode enabled with /relax-order-checks are affected. - CVE-2020-4032 (information disclosure) An integer casting vulnerability leading to an out-of-bounds read has been found in FreeRDP before 2.1.2, in update_recv_secondary_order(), on clients with +glyph-cache or /relax-order-checks options enabled. - CVE-2020-4033 (information disclosure) An out-of-bounds read of up to 4 bytes has been found in FreeRDP before 2.1.2, affecting all FreeRDP based clients with sessions with color depth < 32. - CVE-2020-11095 (information disclosure) A global out-of-bounds read has been found in FreeRDP before 2.1.2, in update_recv_primary_order. - CVE-2020-11096 (information disclosure) An out-of-bounds read has been found in FreeRDP before 2.1.2, in update_read_cache_bitmap_v3_order(). - CVE-2020-11097 (information disclosure) An out-of-bounds read has been found in FreeRDP before 2.1.2, in ntlm_av_pair_get(). - CVE-2020-11098 (information disclosure) An out-of-bounds read has been found in FreeRDP before 2.1.2, in glyph_cache_put. This issue only exists when glyph-cache is enabled, which is not the case by default. - CVE-2020-11099 (information disclosure) An out-of-bounds read has been found in FreeRDP before 2.1.2, in license_read_new_or_upgrade_license_packet(). Impact ====== A remote attacker might be able to access sensitive information or crash the application via a crafted RDP session. A malicious server, or an attacker in position of man-in-the-middle might be able to execute arbitrary code on the affected host. References ========== http://www.freerdp.com/2020/06/22/2_1_2-released https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-fjr5-97f5-qq98 https://github.com/FreeRDP/FreeRDP/commit/05cd9ea2290d23931f615c1b004d4b2e69074e27 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-gwcq-hpq2-m74g https://github.com/FreeRDP/FreeRDP/commit/6d86e20e1e7caaab4f0c7f89e36d32914dbccc52 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-3898-mc89-x2vc https://github.com/FreeRDP/FreeRDP/commit/e7bffa64ef5ed70bac94f823e2b95262642f5296 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7rhj-856w-82p8 https://github.com/FreeRDP/FreeRDP/commit/0a98c450c58ec150e44781c89aa6f8e7e0f571f5 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-563r-pvh7-4fw2 https://github.com/FreeRDP/FreeRDP/commit/733ee3208306b1ea32697b356c0215180fc3f049 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mjw7-3mq2-996x https://github.com/FreeRDP/FreeRDP/commit/b8beb55913471952f92770c90c372139d78c16c0 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-c8x2-c3c9-9r3f https://github.com/FreeRDP/FreeRDP/commit/58a3122250d54de3a944c487776bcd4d1da4721e https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-jr57-f58x-hjmv https://github.com/FreeRDP/FreeRDP/commit/c0fd449ec0870b050d350d6d844b1ea6dad4bc7d https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-977w-866x-4v5h https://github.com/FreeRDP/FreeRDP/commit/6ade7b4cbfd71c54b3d724e8f2d6ac76a58e879a https://security.archlinux.org/CVE-2020-4030 https://security.archlinux.org/CVE-2020-4031 https://security.archlinux.org/CVE-2020-4032 https://security.archlinux.org/CVE-2020-4033 https://security.archlinux.org/CVE-2020-11095 https://security.archlinux.org/CVE-2020-11096 https://security.archlinux.org/CVE-2020-11097 https://security.archlinux.org/CVE-2020-11098 https://security.archlinux.org/CVE-2020-11099