CVE-2018-8789 in Ubuntu

CVE-2018-8789

Priority

Description

FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in
the NTLM Authentication module that results in a Denial of Service
(segfault).

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8789
https://github.com/FreeRDP/FreeRDP/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6
https://usn.ubuntu.com/usn/usn-3845-1

Assigned-to

amurray

Package

Source: freerdp (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	not-affected (code not present)
Ubuntu 16.04 LTS (Xenial Xerus):	released (1.1.0~git20140921.1.440916e+dfsg1-5ubuntu1.3)
Ubuntu 18.04 LTS (Bionic Beaver):	needs-triage
Ubuntu 18.10 (Cosmic Cuttlefish):	needs-triage
Ubuntu 19.04 (Disco Dingo):	needs-triage

Package

Source: freerdp2 (LP Ubuntu Debian)

Upstream:	released (2.0.0~git20181120.1.e21b72c95+dfsg1-1)
Ubuntu 12.04 ESM (Precise Pangolin):	DNE
Ubuntu 14.04 LTS (Trusty Tahr):	DNE
Ubuntu 16.04 LTS (Xenial Xerus):	DNE
Ubuntu 18.04 LTS (Bionic Beaver):	released (2.0.0~git20170725.1.1648deb+dfsg1-7ubuntu0.1)
Ubuntu 18.10 (Cosmic Cuttlefish):	released (2.0.0~git20180411.1.7a7b1802+dfsg1-2ubuntu0.1)
Ubuntu 19.04 (Disco Dingo):	released (2.0.0~git20181120.1.e21b72c95+dfsg1-1)

More Information

Updated: 2019-01-14 21:33:28 UTC (commit 51f9b73af244ba86b9321e46e526586c25a8e060)