Published: 21/10/2021 Updated: 17/11/2023

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server might trigger out of bound writes in a connected client. Connections using GDI or SurfaceCommands to send graphics updates to the client might send `0` width/height or out of bound rectangles to trigger out of bound writes. With `0` width or heigth the memory allocation will be `0` but the missing bounds checks allow writing to the pointer at this (not allocated) region. This issue has been patched in FreeRDP 2.4.1.

Vulnerable Product	Search on Vulmon	Subscribe to Product
freerdp freerdp
fedoraproject fedora 33
fedoraproject fedora 34
fedoraproject fedora 35

Debian Bug report logs - #1001062 freerdp2: CVE-2021-41160: Improper region checks in all clients allow out of bound write to memory Package: src:freerdp2; Maintainer for src:freerdp2 is Debian Remote Maintainers <debian-remote@listsdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 3 Dec ...

A flaw was found in the FreeRDP client when it fails to validate input data when using gateway connections This flaw could allow a malicious gateway to send a specially crafted input to a client leading to an out of bounds write in client memory The highest threat from this flaw is that it could allow arbitrary code to be executed on the target s ...

No description is available for this CVE ...

A security issue has been found in FreeRDP before version 241 A malicious server might trigger out of bound writes in a connected client Connections using GDI or SurfaceCommands to send graphics updates to the client might send 0 width/height or out of bound rectangles to trigger out of bound writes With 0 width or heigth the memory allocatio ...

A flaw was found in the FreeRDP client when it fails to validate input data when using gateway connections This flaw could allow a malicious gateway to send a specially crafted input to a client leading to an out of bounds write in client memory The highest threat from this flaw is that it could allow arbitrary code to be executed on the target s ...

CWE-787 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7c9r-6r2q-93qg https://security.gentoo.org/glsa/202210-24 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWJXQOWKNR7O5HM2HFJOM4GBUFPTE3RG/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZXCR73EDVPLI6TRWRAWJCJ7OBYDKBB74/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WIZUPVRGCWUDAPDOQVUGUIYUO7UWKMXX/https://lists.debian.org/debian-lts-announce/2023/11/msg00010.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001062 https://nvd.nist.gov https://alas.aws.amazon.com/AL2/ALAS-2022-1735.html

CVE-2021-41160

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect