CVE-2020-13398

2020-05-22 20:15:00 2020-11-09 22:46:00

An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c.

Vector

NETWORK

Complexity

LOW

Authentication

SINGLE

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Opensuse Leap 15.1 * * * (not an official CPE) Debian Debian linux 9.0 * * * (not an official CPE) Canonical Ubuntu linux 20.04 * * * (not an official CPE) Canonical Ubuntu linux 19.10 * * * (not an official CPE) Canonical Ubuntu linux 18.04 * * * (not an official CPE) Canonical Ubuntu linux 16.04 * * * (not an official CPE)

Freerdp Freerdp * * * * (not an official CPE)

Freerdp - Freerdp Opensuse - Leap Debian - Debian linux Canonical - Ubuntu linux

Advisory	Patch	Confirmed	Link
			https://usn.ubuntu.com/4379-1/
			https://github.com/FreeRDP/FreeRDP/commit/8305349a943c68...
			https://github.com/FreeRDP/FreeRDP/commit/8fb6336a4072ab...
			https://github.com/FreeRDP/FreeRDP/compare/2.1.0...2.1.1
			https://lists.debian.org/debian-lts-announce/2020/08/msg...
			http://lists.opensuse.org/opensuse-security-announce/202...
			https://usn.ubuntu.com/4382-1/