CVE-2020-11089

In FreeRDP before 2.1.0, there is an out-of-bound read in irp functions (parallel_process_irp_create, serial_process_irp_create, drive_process_irp_write, printer_process_irp_write, rdpei_recv_pdu, serial_process_irp_write). This has been fixed in 2.1.0.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.7 LOW
NETWORK
HIGH
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 45%
Affected Products (NVD)
VendorProductVersion
freerdpfreerdp
𝑥
< 2.1.0
opensuseleap
15.1
debiandebian_linux
10.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
freerdp2
bookworm
2.10.0+dfsg1-1
fixed
bullseye
2.3.0+dfsg1-2+deb11u1
fixed
sid
2.11.7+dfsg1-4
fixed
stretch
no-dsa
trixie
2.11.7+dfsg1-4
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
freerdp
bionic
needed
eoan
dne
focal
dne
groovy
dne
hirsute
dne
impish
dne
jammy
dne
kinetic
dne
lunar
dne
mantic
dne
noble
dne
trusty
dne
xenial
needed
freerdp2
bionic
Fixed 2.1.1+dfsg1-0ubuntu0.18.04.1
released
eoan
Fixed 2.1.1+dfsg1-0ubuntu0.19.10.1
released
focal
Fixed 2.1.1+dfsg1-0ubuntu0.20.04.1
released
groovy
not-affected
hirsute
not-affected
impish
not-affected
jammy
not-affected
kinetic
not-affected
lunar
not-affected
mantic
not-affected
noble
not-affected
trusty
dne
xenial
dne
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
freerdp
suse enterprise desktop 15 SP1
2.1.2-10.15.1
fixed
suse enterprise desktop 15 SP2
2.1.2-15.7.1
fixed
suse enterprise desktop 15 SP3
2.1.2-15.7.1
fixed
suse enterprise sap 15 SP1
2.1.2-10.15.1
fixed
suse enterprise sap 15 SP2
2.1.2-15.7.1
fixed
suse enterprise sap 15 SP3
2.1.2-15.7.1
fixed
suse enterprise server 15 SP1
2.1.2-10.15.1
fixed
suse enterprise server 15 SP2
2.1.2-15.7.1
fixed
suse enterprise server 15 SP3
2.1.2-15.7.1
fixed
suse enterprise workstation 15 SP1
2.1.2-10.15.1
fixed
suse enterprise workstation 15 SP2
2.1.2-15.7.1
fixed
suse enterprise workstation 15 SP3
2.1.2-15.7.1
fixed
freerdp-devel
suse enterprise desktop 15 SP1
2.1.2-10.15.1
fixed
suse enterprise desktop 15 SP2
2.1.2-15.7.1
fixed
suse enterprise desktop 15 SP3
2.1.2-15.7.1
fixed
suse enterprise sap 15 SP1
2.1.2-10.15.1
fixed
suse enterprise sap 15 SP2
2.1.2-15.7.1
fixed
suse enterprise sap 15 SP3
2.1.2-15.7.1
fixed
suse enterprise server 15 SP1
2.1.2-10.15.1
fixed
suse enterprise server 15 SP2
2.1.2-15.7.1
fixed
suse enterprise server 15 SP3
2.1.2-15.7.1
fixed
suse enterprise workstation 15 SP1
2.1.2-10.15.1
fixed
suse enterprise workstation 15 SP2
2.1.2-15.7.1
fixed
suse enterprise workstation 15 SP3
2.1.2-15.7.1
fixed
freerdp-proxy
suse enterprise desktop 15 SP3
2.1.2-15.7.1
fixed
suse enterprise sap 15 SP3
2.1.2-15.7.1
fixed
suse enterprise server 15 SP3
2.1.2-15.7.1
fixed
suse enterprise workstation 15 SP3
2.1.2-15.7.1
fixed
libfreerdp2
suse enterprise desktop 15 SP1
2.1.2-10.15.1
fixed
suse enterprise desktop 15 SP2
2.1.2-15.7.1
fixed
suse enterprise desktop 15 SP3
2.1.2-15.7.1
fixed
suse enterprise sap 15 SP1
2.1.2-10.15.1
fixed
suse enterprise sap 15 SP2
2.1.2-15.7.1
fixed
suse enterprise sap 15 SP3
2.1.2-15.7.1
fixed
suse enterprise server 15 SP1
2.1.2-10.15.1
fixed
suse enterprise server 15 SP2
2.1.2-15.7.1
fixed
suse enterprise server 15 SP3
2.1.2-15.7.1
fixed
suse enterprise workstation 15 SP1
2.1.2-10.15.1
fixed
suse enterprise workstation 15 SP2
2.1.2-15.7.1
fixed
suse enterprise workstation 15 SP3
2.1.2-15.7.1
fixed
libwinpr2
suse enterprise desktop 15 SP1
2.1.2-10.15.1
fixed
suse enterprise desktop 15 SP2
2.1.2-15.7.1
fixed
suse enterprise desktop 15 SP3
2.1.2-15.7.1
fixed
suse enterprise sap 15 SP1
2.1.2-10.15.1
fixed
suse enterprise sap 15 SP2
2.1.2-15.7.1
fixed
suse enterprise sap 15 SP3
2.1.2-15.7.1
fixed
suse enterprise server 15 SP1
2.1.2-10.15.1
fixed
suse enterprise server 15 SP2
2.1.2-15.7.1
fixed
suse enterprise server 15 SP3
2.1.2-15.7.1
fixed
suse enterprise workstation 15 SP1
2.1.2-10.15.1
fixed
suse enterprise workstation 15 SP2
2.1.2-15.7.1
fixed
suse enterprise workstation 15 SP3
2.1.2-15.7.1
fixed
winpr2-devel
suse enterprise desktop 15 SP1
2.1.2-10.15.1
fixed
suse enterprise desktop 15 SP2
2.1.2-15.7.1
fixed
suse enterprise desktop 15 SP3
2.1.2-15.7.1
fixed
suse enterprise sap 15 SP1
2.1.2-10.15.1
fixed
suse enterprise sap 15 SP2
2.1.2-15.7.1
fixed
suse enterprise sap 15 SP3
2.1.2-15.7.1
fixed
suse enterprise server 15 SP1
2.1.2-10.15.1
fixed
suse enterprise server 15 SP2
2.1.2-15.7.1
fixed
suse enterprise server 15 SP3
2.1.2-15.7.1
fixed
suse enterprise workstation 15 SP1
2.1.2-10.15.1
fixed
suse enterprise workstation 15 SP2
2.1.2-15.7.1
fixed
suse enterprise workstation 15 SP3
2.1.2-15.7.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
freerdp
RHEL 7
0:2.1.1-2.el7
fixed
RHEL 8
2:2.1.1-1.el8
fixed
freerdp-devel
RHEL 7
0:2.1.1-2.el7
fixed
RHEL 8
2:2.1.1-1.el8
fixed
freerdp-libs
RHEL 7
0:2.1.1-2.el7
fixed
RHEL 8
2:2.1.1-1.el8
fixed
libwinpr
RHEL 7
0:2.1.1-2.el7
fixed
RHEL 8
2:2.1.1-1.el8
fixed
libwinpr-devel
RHEL 7
0:2.1.1-2.el7
fixed
RHEL 8
2:2.1.1-1.el8
fixed
vinagre
RHEL 8
0:3.22.0-23.el8
fixed
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html
https://github.com/FreeRDP/FreeRDP/commit/6b485b146a1b9d6ce72dfd7b5f36456c166e7a16
https://github.com/FreeRDP/FreeRDP/commit/795842f4096501fcefc1a7f535ccc8132feb31d7
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-hfc7-c5gv-8c2h
https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html
https://github.com/FreeRDP/FreeRDP/commit/6b485b146a1b9d6ce72dfd7b5f36456c166e7a16
https://github.com/FreeRDP/FreeRDP/commit/795842f4096501fcefc1a7f535ccc8132feb31d7
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-hfc7-c5gv-8c2h
https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html