RHSA-2020:4647MediumCVSS 7.1

Red Hat Security Advisory: freerdp and vinagre security, bug fix, and enhancement update

Published
November 4, 2020
Last Modified
June 26, 2026

🔗 CVE IDs covered (25)

📋 Description

CVE-2020-11018 — freerdp: Out of bound read in cliprdr_server_receive_capabilities CVE-2020-11019 — freerdp: Out of bound read in update_recv could result in a crash CVE-2020-11038 — freerdp: Integer overflow in VIDEO channel CVE-2020-11039 — freerdp: Out of bound read/write in usb redirection channel CVE-2020-11040 — freerdp: Out of bound access in clear_decompress_subcode_rlex CVE-2020-11041 — freerdp: Unchecked read of array offset in rdpsnd_recv_wave2_pdu CVE-2020-11042 — freerdp: out-of-bounds read in update_read_icon_info function CVE-2020-11043 — freerdp: out of bound read in rfx_process_message_tileset CVE-2020-11044 — freerdp: double free in update_read_cache_bitmap_v3_order function CVE-2020-11045 — freerdp: out of bounds read in update_read_bitmap_data function CVE-2020-11046 — freerdp: out of bounds seek in update_read_synchronize function could lead out of bounds read CVE-2020-11047 — freerdp: out-of-bounds read in autodetect_recv_bandwidth_measure_results function CVE-2020-11048 — freerdp: out-of-bounds read could result in aborting the session CVE-2020-11049 — freerdp: out-of-bound read of client memory that is then passed on to the protocol parser CVE-2020-11058 — freerdp: stream out-of-bounds seek in rdp_read_font_capability_set could lead to out-of-bounds read CVE-2020-11085 — freerdp: out-of-bounds read in cliprdr_read_format_list function CVE-2020-11086 — freerdp: out-of-bounds read in ntlm_read_ntlm_v2_client_challenge function CVE-2020-11087 — freerdp: out-of-bounds read in ntlm_read_AuthenticateMessage CVE-2020-11088 — freerdp: out-of-bounds read in ntlm_read_NegotiateMessage CVE-2020-11089 — freerdp: out-of-bounds read in irp functions CVE-2020-11522 — freerdp: out-of-bounds read in gdi.c CVE-2020-11525 — freerdp: out-of-bounds read in bitmap.c CVE-2020-11526 — freerdp: Stream pointer out of bounds in update_recv_secondary_order could lead out of bounds read later CVE-2020-13396 — freerdp: Out-of-bounds read in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c. CVE-2020-13397 — freerdp: Out-of-bounds read in security_fips_decrypt in libfreerdp/core/security.c

🔗 References (33)