PublicDateAtUSN: 2021-10-21 19:15:00 UTC
Candidate: CVE-2021-41160
PublicDate: 2021-10-21 19:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41160
 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7c9r-6r2q-93qg
 https://ubuntu.com/security/notices/USN-5154-1
Description:
 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP),
 released under the Apache license. In affected versions a malicious server
 might trigger out of bound writes in a connected client. Connections using
 GDI or SurfaceCommands to send graphics updates to the client might send
 `0` width/height or out of bound rectangles to trigger out of bound writes.
 With `0` width or heigth the memory allocation will be `0` but the missing
 bounds checks allow writing to the pointer at this (not allocated) region.
 This issue has been patched in FreeRDP 2.4.1.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to: leosilva
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [8.8 HIGH]


Patches_freerdp2:
 upstream: https://github.com/FreeRDP/FreeRDP/commit/217e0caa181fc1690cf84dd6a3ba1a4f90c02692
upstream_freerdp2: needs-triage
trusty_freerdp2: ignored (out of standard support)
xenial_freerdp2: ignored (out of standard support)
bionic_freerdp2: released (2.2.0+dfsg1-0ubuntu0.18.04.2)
focal_freerdp2: released (2.2.0+dfsg1-0ubuntu0.20.04.2)
hirsute_freerdp2: released (2.3.0+dfsg1-1ubuntu0.1)
impish_freerdp2: released (2.3.0+dfsg1-2ubuntu0.1)
jammy_freerdp2: released (2.3.0+dfsg1-2ubuntu2)
devel_freerdp2: released (2.3.0+dfsg1-2ubuntu2)

Patches_freerdp:
upstream_freerdp: needs-triage
esm-infra/xenial_freerdp: needs-triage
trusty_freerdp: ignored (out of standard support)
xenial_freerdp: ignored (out of standard support)
bionic_freerdp: needs-triage