rhsa-2020:4647
Vulnerability from csaf_redhat
Published
2020-11-04 01:25
Modified
2025-10-09 20:00
Summary
Red Hat Security Advisory: freerdp and vinagre security, bug fix, and enhancement update
Notes
Topic
An update for freerdp and vinagre is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.
The vinagre packages provide the Vinagre remote desktop viewer for the GNOME desktop.
The following packages have been upgraded to a later upstream version: freerdp (2.1.1). (BZ#1834287)
Security Fix(es):
* freerdp: Out of bound read in cliprdr_server_receive_capabilities (CVE-2020-11018)
* freerdp: Out of bound read/write in usb redirection channel (CVE-2020-11039)
* freerdp: out-of-bounds read in update_read_icon_info function (CVE-2020-11042)
* freerdp: out-of-bounds read in autodetect_recv_bandwidth_measure_results function (CVE-2020-11047)
* freerdp: Out-of-bounds read in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c. (CVE-2020-13396)
* freerdp: Out-of-bounds read in security_fips_decrypt in libfreerdp/core/security.c (CVE-2020-13397)
* freerdp: Out of bound read in update_recv could result in a crash (CVE-2020-11019)
* freerdp: Integer overflow in VIDEO channel (CVE-2020-11038)
* freerdp: Out of bound access in clear_decompress_subcode_rlex (CVE-2020-11040)
* freerdp: Unchecked read of array offset in rdpsnd_recv_wave2_pdu (CVE-2020-11041)
* freerdp: out of bound read in rfx_process_message_tileset (CVE-2020-11043)
* freerdp: double free in update_read_cache_bitmap_v3_order function (CVE-2020-11044)
* freerdp: out of bounds read in update_read_bitmap_data function (CVE-2020-11045)
* freerdp: out of bounds seek in update_read_synchronize function could lead out of bounds read (CVE-2020-11046)
* freerdp: out-of-bounds read could result in aborting the session (CVE-2020-11048)
* freerdp: out-of-bound read of client memory that is then passed on to the protocol parser (CVE-2020-11049)
* freerdp: stream out-of-bounds seek in rdp_read_font_capability_set could lead to out-of-bounds read (CVE-2020-11058)
* freerdp: out-of-bounds read in cliprdr_read_format_list function (CVE-2020-11085)
* freerdp: out-of-bounds read in ntlm_read_ntlm_v2_client_challenge function (CVE-2020-11086)
* freerdp: out-of-bounds read in ntlm_read_AuthenticateMessage (CVE-2020-11087)
* freerdp: out-of-bounds read in ntlm_read_NegotiateMessage (CVE-2020-11088)
* freerdp: out-of-bounds read in irp functions (CVE-2020-11089)
* freerdp: out-of-bounds read in gdi.c (CVE-2020-11522)
* freerdp: out-of-bounds read in bitmap.c (CVE-2020-11525)
* freerdp: Stream pointer out of bounds in update_recv_secondary_order could lead out of bounds read later (CVE-2020-11526)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for freerdp and vinagre is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.\n\nThe vinagre packages provide the Vinagre remote desktop viewer for the GNOME desktop.\n\nThe following packages have been upgraded to a later upstream version: freerdp (2.1.1). (BZ#1834287)\n\nSecurity Fix(es):\n\n* freerdp: Out of bound read in cliprdr_server_receive_capabilities (CVE-2020-11018)\n\n* freerdp: Out of bound read/write in usb redirection channel (CVE-2020-11039)\n\n* freerdp: out-of-bounds read in update_read_icon_info function (CVE-2020-11042)\n\n* freerdp: out-of-bounds read in autodetect_recv_bandwidth_measure_results function (CVE-2020-11047)\n\n* freerdp: Out-of-bounds read in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c. (CVE-2020-13396)\n\n* freerdp: Out-of-bounds read in security_fips_decrypt in libfreerdp/core/security.c (CVE-2020-13397)\n\n* freerdp: Out of bound read in update_recv could result in a crash (CVE-2020-11019)\n\n* freerdp: Integer overflow in VIDEO channel (CVE-2020-11038)\n\n* freerdp: Out of bound access in clear_decompress_subcode_rlex (CVE-2020-11040)\n\n* freerdp: Unchecked read of array offset in rdpsnd_recv_wave2_pdu (CVE-2020-11041)\n\n* freerdp: out of bound read in rfx_process_message_tileset (CVE-2020-11043)\n\n* freerdp: double free in update_read_cache_bitmap_v3_order function (CVE-2020-11044)\n\n* freerdp: out of bounds read in update_read_bitmap_data function (CVE-2020-11045)\n\n* freerdp: out of bounds seek in update_read_synchronize function could lead out of bounds read (CVE-2020-11046)\n\n* freerdp: out-of-bounds read could result in aborting the session (CVE-2020-11048)\n\n* freerdp: out-of-bound read of client memory that is then passed on to the protocol parser (CVE-2020-11049)\n\n* freerdp: stream out-of-bounds seek in rdp_read_font_capability_set could lead to out-of-bounds read (CVE-2020-11058)\n\n* freerdp: out-of-bounds read in cliprdr_read_format_list function (CVE-2020-11085)\n\n* freerdp: out-of-bounds read in ntlm_read_ntlm_v2_client_challenge function (CVE-2020-11086)\n\n* freerdp: out-of-bounds read in ntlm_read_AuthenticateMessage (CVE-2020-11087)\n\n* freerdp: out-of-bounds read in ntlm_read_NegotiateMessage (CVE-2020-11088)\n\n* freerdp: out-of-bounds read in irp functions (CVE-2020-11089)\n\n* freerdp: out-of-bounds read in gdi.c (CVE-2020-11522)\n\n* freerdp: out-of-bounds read in bitmap.c (CVE-2020-11525)\n\n* freerdp: Stream pointer out of bounds in update_recv_secondary_order could lead out of bounds read later (CVE-2020-11526)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:4647",
"url": "https://access.redhat.com/errata/RHSA-2020:4647"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/"
},
{
"category": "external",
"summary": "1761144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1761144"
},
{
"category": "external",
"summary": "1803054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1803054"
},
{
"category": "external",
"summary": "1834287",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834287"
},
{
"category": "external",
"summary": "1835382",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1835382"
},
{
"category": "external",
"summary": "1835391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1835391"
},
{
"category": "external",
"summary": "1835399",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1835399"
},
{
"category": "external",
"summary": "1835403",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1835403"
},
{
"category": "external",
"summary": "1835762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1835762"
},
{
"category": "external",
"summary": "1835766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1835766"
},
{
"category": "external",
"summary": "1835772",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1835772"
},
{
"category": "external",
"summary": "1835779",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1835779"
},
{
"category": "external",
"summary": "1836223",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1836223"
},
{
"category": "external",
"summary": "1836239",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1836239"
},
{
"category": "external",
"summary": "1836247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1836247"
},
{
"category": "external",
"summary": "1839744",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1839744"
},
{
"category": "external",
"summary": "1841189",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1841189"
},
{
"category": "external",
"summary": "1841196",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1841196"
},
{
"category": "external",
"summary": "1844161",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1844161"
},
{
"category": "external",
"summary": "1844166",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1844166"
},
{
"category": "external",
"summary": "1844171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1844171"
},
{
"category": "external",
"summary": "1844177",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1844177"
},
{
"category": "external",
"summary": "1844184",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1844184"
},
{
"category": "external",
"summary": "1848008",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848008"
},
{
"category": "external",
"summary": "1848012",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848012"
},
{
"category": "external",
"summary": "1848018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848018"
},
{
"category": "external",
"summary": "1848022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848022"
},
{
"category": "external",
"summary": "1848029",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848029"
},
{
"category": "external",
"summary": "1848034",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848034"
},
{
"category": "external",
"summary": "1848038",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848038"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4647.json"
}
],
"title": "Red Hat Security Advisory: freerdp and vinagre security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2025-10-09T20:00:36+00:00",
"generator": {
"date": "2025-10-09T20:00:36+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2020:4647",
"initial_release_date": "2020-11-04T01:25:08+00:00",
"revision_history": [
{
"date": "2020-11-04T01:25:08+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-11-04T01:25:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T20:00:36+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat CodeReady Linux Builder (v. 8)",
"product": {
"name": "Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::crb"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-devel-2:2.1.1-1.el8.i686",
"product": {
"name": "freerdp-devel-2:2.1.1-1.el8.i686",
"product_id": "freerdp-devel-2:2.1.1-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.1.1-1.el8?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.1.1-1.el8.i686",
"product": {
"name": "freerdp-debugsource-2:2.1.1-1.el8.i686",
"product_id": "freerdp-debugsource-2:2.1.1-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.1.1-1.el8?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.1.1-1.el8.i686",
"product": {
"name": "freerdp-debuginfo-2:2.1.1-1.el8.i686",
"product_id": "freerdp-debuginfo-2:2.1.1-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.1.1-1.el8?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"product": {
"name": "freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"product_id": "freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.1.1-1.el8?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"product": {
"name": "libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"product_id": "libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.1.1-1.el8?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:2.1.1-1.el8.i686",
"product": {
"name": "freerdp-libs-2:2.1.1-1.el8.i686",
"product_id": "freerdp-libs-2:2.1.1-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.1.1-1.el8?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.1.1-1.el8.i686",
"product": {
"name": "libwinpr-2:2.1.1-1.el8.i686",
"product_id": "libwinpr-2:2.1.1-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.1.1-1.el8?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.1.1-1.el8.i686",
"product": {
"name": "libwinpr-devel-2:2.1.1-1.el8.i686",
"product_id": "libwinpr-devel-2:2.1.1-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.1.1-1.el8?arch=i686\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-devel-2:2.1.1-1.el8.x86_64",
"product": {
"name": "freerdp-devel-2:2.1.1-1.el8.x86_64",
"product_id": "freerdp-devel-2:2.1.1-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.1.1-1.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"product": {
"name": "freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"product_id": "freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.1.1-1.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"product": {
"name": "freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"product_id": "freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.1.1-1.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"product": {
"name": "freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"product_id": "freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.1.1-1.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"product": {
"name": "libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"product_id": "libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.1.1-1.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-2:2.1.1-1.el8.x86_64",
"product": {
"name": "freerdp-2:2.1.1-1.el8.x86_64",
"product_id": "freerdp-2:2.1.1-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.1.1-1.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:2.1.1-1.el8.x86_64",
"product": {
"name": "freerdp-libs-2:2.1.1-1.el8.x86_64",
"product_id": "freerdp-libs-2:2.1.1-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.1.1-1.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.1.1-1.el8.x86_64",
"product": {
"name": "libwinpr-2:2.1.1-1.el8.x86_64",
"product_id": "libwinpr-2:2.1.1-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.1.1-1.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.1.1-1.el8.x86_64",
"product": {
"name": "libwinpr-devel-2:2.1.1-1.el8.x86_64",
"product_id": "libwinpr-devel-2:2.1.1-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.1.1-1.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "vinagre-0:3.22.0-23.el8.x86_64",
"product": {
"name": "vinagre-0:3.22.0-23.el8.x86_64",
"product_id": "vinagre-0:3.22.0-23.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vinagre@3.22.0-23.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"product": {
"name": "vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"product_id": "vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vinagre-debugsource@3.22.0-23.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"product": {
"name": "vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"product_id": "vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vinagre-debuginfo@3.22.0-23.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-devel-2:2.1.1-1.el8.ppc64le",
"product": {
"name": "freerdp-devel-2:2.1.1-1.el8.ppc64le",
"product_id": "freerdp-devel-2:2.1.1-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.1.1-1.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"product": {
"name": "freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"product_id": "freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.1.1-1.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"product": {
"name": "freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"product_id": "freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.1.1-1.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"product": {
"name": "freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"product_id": "freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.1.1-1.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"product": {
"name": "libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"product_id": "libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.1.1-1.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-2:2.1.1-1.el8.ppc64le",
"product": {
"name": "freerdp-2:2.1.1-1.el8.ppc64le",
"product_id": "freerdp-2:2.1.1-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.1.1-1.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:2.1.1-1.el8.ppc64le",
"product": {
"name": "freerdp-libs-2:2.1.1-1.el8.ppc64le",
"product_id": "freerdp-libs-2:2.1.1-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.1.1-1.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.1.1-1.el8.ppc64le",
"product": {
"name": "libwinpr-2:2.1.1-1.el8.ppc64le",
"product_id": "libwinpr-2:2.1.1-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.1.1-1.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"product": {
"name": "libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"product_id": "libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.1.1-1.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "vinagre-0:3.22.0-23.el8.ppc64le",
"product": {
"name": "vinagre-0:3.22.0-23.el8.ppc64le",
"product_id": "vinagre-0:3.22.0-23.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vinagre@3.22.0-23.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"product": {
"name": "vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"product_id": "vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vinagre-debugsource@3.22.0-23.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"product": {
"name": "vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"product_id": "vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vinagre-debuginfo@3.22.0-23.el8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-devel-2:2.1.1-1.el8.s390x",
"product": {
"name": "freerdp-devel-2:2.1.1-1.el8.s390x",
"product_id": "freerdp-devel-2:2.1.1-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.1.1-1.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.1.1-1.el8.s390x",
"product": {
"name": "freerdp-debugsource-2:2.1.1-1.el8.s390x",
"product_id": "freerdp-debugsource-2:2.1.1-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.1.1-1.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"product": {
"name": "freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"product_id": "freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.1.1-1.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"product": {
"name": "freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"product_id": "freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.1.1-1.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"product": {
"name": "libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"product_id": "libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.1.1-1.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-2:2.1.1-1.el8.s390x",
"product": {
"name": "freerdp-2:2.1.1-1.el8.s390x",
"product_id": "freerdp-2:2.1.1-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.1.1-1.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:2.1.1-1.el8.s390x",
"product": {
"name": "freerdp-libs-2:2.1.1-1.el8.s390x",
"product_id": "freerdp-libs-2:2.1.1-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.1.1-1.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.1.1-1.el8.s390x",
"product": {
"name": "libwinpr-2:2.1.1-1.el8.s390x",
"product_id": "libwinpr-2:2.1.1-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.1.1-1.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.1.1-1.el8.s390x",
"product": {
"name": "libwinpr-devel-2:2.1.1-1.el8.s390x",
"product_id": "libwinpr-devel-2:2.1.1-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.1.1-1.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "vinagre-0:3.22.0-23.el8.s390x",
"product": {
"name": "vinagre-0:3.22.0-23.el8.s390x",
"product_id": "vinagre-0:3.22.0-23.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vinagre@3.22.0-23.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "vinagre-debugsource-0:3.22.0-23.el8.s390x",
"product": {
"name": "vinagre-debugsource-0:3.22.0-23.el8.s390x",
"product_id": "vinagre-debugsource-0:3.22.0-23.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vinagre-debugsource@3.22.0-23.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"product": {
"name": "vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"product_id": "vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vinagre-debuginfo@3.22.0-23.el8?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-devel-2:2.1.1-1.el8.aarch64",
"product": {
"name": "freerdp-devel-2:2.1.1-1.el8.aarch64",
"product_id": "freerdp-devel-2:2.1.1-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.1.1-1.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"product": {
"name": "freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"product_id": "freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.1.1-1.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"product": {
"name": "freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"product_id": "freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.1.1-1.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"product": {
"name": "freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"product_id": "freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.1.1-1.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"product": {
"name": "libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"product_id": "libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.1.1-1.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-2:2.1.1-1.el8.aarch64",
"product": {
"name": "freerdp-2:2.1.1-1.el8.aarch64",
"product_id": "freerdp-2:2.1.1-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.1.1-1.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:2.1.1-1.el8.aarch64",
"product": {
"name": "freerdp-libs-2:2.1.1-1.el8.aarch64",
"product_id": "freerdp-libs-2:2.1.1-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.1.1-1.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.1.1-1.el8.aarch64",
"product": {
"name": "libwinpr-2:2.1.1-1.el8.aarch64",
"product_id": "libwinpr-2:2.1.1-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.1.1-1.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.1.1-1.el8.aarch64",
"product": {
"name": "libwinpr-devel-2:2.1.1-1.el8.aarch64",
"product_id": "libwinpr-devel-2:2.1.1-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.1.1-1.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "vinagre-0:3.22.0-23.el8.aarch64",
"product": {
"name": "vinagre-0:3.22.0-23.el8.aarch64",
"product_id": "vinagre-0:3.22.0-23.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vinagre@3.22.0-23.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"product": {
"name": "vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"product_id": "vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vinagre-debugsource@3.22.0-23.el8?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"product": {
"name": "vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"product_id": "vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vinagre-debuginfo@3.22.0-23.el8?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.1.1-1.el8.src",
"product": {
"name": "freerdp-2:2.1.1-1.el8.src",
"product_id": "freerdp-2:2.1.1-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.1.1-1.el8?arch=src\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "vinagre-0:3.22.0-23.el8.src",
"product": {
"name": "vinagre-0:3.22.0-23.el8.src",
"product_id": "vinagre-0:3.22.0-23.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vinagre@3.22.0-23.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.1.1-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64"
},
"product_reference": "freerdp-2:2.1.1-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.1.1-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le"
},
"product_reference": "freerdp-2:2.1.1-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.1.1-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x"
},
"product_reference": "freerdp-2:2.1.1-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.1.1-1.el8.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src"
},
"product_reference": "freerdp-2:2.1.1-1.el8.src",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.1.1-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64"
},
"product_reference": "freerdp-2:2.1.1-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.1.1-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64"
},
"product_reference": "freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.1.1-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686"
},
"product_reference": "freerdp-debuginfo-2:2.1.1-1.el8.i686",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.1.1-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le"
},
"product_reference": "freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.1.1-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x"
},
"product_reference": "freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.1.1-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64"
},
"product_reference": "freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.1.1-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64"
},
"product_reference": "freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.1.1-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686"
},
"product_reference": "freerdp-debugsource-2:2.1.1-1.el8.i686",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.1.1-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le"
},
"product_reference": "freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.1.1-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x"
},
"product_reference": "freerdp-debugsource-2:2.1.1-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.1.1-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64"
},
"product_reference": "freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.1.1-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64"
},
"product_reference": "freerdp-devel-2:2.1.1-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.1.1-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686"
},
"product_reference": "freerdp-devel-2:2.1.1-1.el8.i686",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.1.1-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le"
},
"product_reference": "freerdp-devel-2:2.1.1-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.1.1-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x"
},
"product_reference": "freerdp-devel-2:2.1.1-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.1.1-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64"
},
"product_reference": "freerdp-devel-2:2.1.1-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.1.1-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64"
},
"product_reference": "freerdp-libs-2:2.1.1-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.1.1-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686"
},
"product_reference": "freerdp-libs-2:2.1.1-1.el8.i686",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.1.1-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le"
},
"product_reference": "freerdp-libs-2:2.1.1-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.1.1-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x"
},
"product_reference": "freerdp-libs-2:2.1.1-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.1.1-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64"
},
"product_reference": "freerdp-libs-2:2.1.1-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64"
},
"product_reference": "freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.1.1-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686"
},
"product_reference": "freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le"
},
"product_reference": "freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x"
},
"product_reference": "freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64"
},
"product_reference": "freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.1.1-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64"
},
"product_reference": "libwinpr-2:2.1.1-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.1.1-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686"
},
"product_reference": "libwinpr-2:2.1.1-1.el8.i686",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.1.1-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le"
},
"product_reference": "libwinpr-2:2.1.1-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.1.1-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x"
},
"product_reference": "libwinpr-2:2.1.1-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.1.1-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64"
},
"product_reference": "libwinpr-2:2.1.1-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.1.1-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64"
},
"product_reference": "libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.1.1-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686"
},
"product_reference": "libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le"
},
"product_reference": "libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.1.1-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x"
},
"product_reference": "libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.1.1-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64"
},
"product_reference": "libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.1.1-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64"
},
"product_reference": "libwinpr-devel-2:2.1.1-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.1.1-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686"
},
"product_reference": "libwinpr-devel-2:2.1.1-1.el8.i686",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.1.1-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le"
},
"product_reference": "libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.1.1-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x"
},
"product_reference": "libwinpr-devel-2:2.1.1-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.1.1-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
},
"product_reference": "libwinpr-devel-2:2.1.1-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vinagre-0:3.22.0-23.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64"
},
"product_reference": "vinagre-0:3.22.0-23.el8.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vinagre-0:3.22.0-23.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le"
},
"product_reference": "vinagre-0:3.22.0-23.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vinagre-0:3.22.0-23.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x"
},
"product_reference": "vinagre-0:3.22.0-23.el8.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vinagre-0:3.22.0-23.el8.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src"
},
"product_reference": "vinagre-0:3.22.0-23.el8.src",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vinagre-0:3.22.0-23.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64"
},
"product_reference": "vinagre-0:3.22.0-23.el8.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vinagre-debuginfo-0:3.22.0-23.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64"
},
"product_reference": "vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vinagre-debuginfo-0:3.22.0-23.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le"
},
"product_reference": "vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vinagre-debuginfo-0:3.22.0-23.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x"
},
"product_reference": "vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vinagre-debuginfo-0:3.22.0-23.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64"
},
"product_reference": "vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vinagre-debugsource-0:3.22.0-23.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64"
},
"product_reference": "vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vinagre-debugsource-0:3.22.0-23.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le"
},
"product_reference": "vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vinagre-debugsource-0:3.22.0-23.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x"
},
"product_reference": "vinagre-debugsource-0:3.22.0-23.el8.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vinagre-debugsource-0:3.22.0-23.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64"
},
"product_reference": "vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.1.1-1.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64"
},
"product_reference": "freerdp-2:2.1.1-1.el8.aarch64",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.1.1-1.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le"
},
"product_reference": "freerdp-2:2.1.1-1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.1.1-1.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x"
},
"product_reference": "freerdp-2:2.1.1-1.el8.s390x",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.1.1-1.el8.src as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src"
},
"product_reference": "freerdp-2:2.1.1-1.el8.src",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.1.1-1.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64"
},
"product_reference": "freerdp-2:2.1.1-1.el8.x86_64",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.1.1-1.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64"
},
"product_reference": "freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.1.1-1.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686"
},
"product_reference": "freerdp-debuginfo-2:2.1.1-1.el8.i686",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.1.1-1.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le"
},
"product_reference": "freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.1.1-1.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x"
},
"product_reference": "freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.1.1-1.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64"
},
"product_reference": "freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.1.1-1.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64"
},
"product_reference": "freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.1.1-1.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686"
},
"product_reference": "freerdp-debugsource-2:2.1.1-1.el8.i686",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.1.1-1.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le"
},
"product_reference": "freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.1.1-1.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x"
},
"product_reference": "freerdp-debugsource-2:2.1.1-1.el8.s390x",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.1.1-1.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64"
},
"product_reference": "freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.1.1-1.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64"
},
"product_reference": "freerdp-devel-2:2.1.1-1.el8.aarch64",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.1.1-1.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686"
},
"product_reference": "freerdp-devel-2:2.1.1-1.el8.i686",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.1.1-1.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le"
},
"product_reference": "freerdp-devel-2:2.1.1-1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.1.1-1.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x"
},
"product_reference": "freerdp-devel-2:2.1.1-1.el8.s390x",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.1.1-1.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64"
},
"product_reference": "freerdp-devel-2:2.1.1-1.el8.x86_64",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.1.1-1.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64"
},
"product_reference": "freerdp-libs-2:2.1.1-1.el8.aarch64",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.1.1-1.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686"
},
"product_reference": "freerdp-libs-2:2.1.1-1.el8.i686",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.1.1-1.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le"
},
"product_reference": "freerdp-libs-2:2.1.1-1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.1.1-1.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x"
},
"product_reference": "freerdp-libs-2:2.1.1-1.el8.s390x",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.1.1-1.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64"
},
"product_reference": "freerdp-libs-2:2.1.1-1.el8.x86_64",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64"
},
"product_reference": "freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.1.1-1.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686"
},
"product_reference": "freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le"
},
"product_reference": "freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x"
},
"product_reference": "freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64"
},
"product_reference": "freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.1.1-1.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64"
},
"product_reference": "libwinpr-2:2.1.1-1.el8.aarch64",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.1.1-1.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686"
},
"product_reference": "libwinpr-2:2.1.1-1.el8.i686",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.1.1-1.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le"
},
"product_reference": "libwinpr-2:2.1.1-1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.1.1-1.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x"
},
"product_reference": "libwinpr-2:2.1.1-1.el8.s390x",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.1.1-1.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64"
},
"product_reference": "libwinpr-2:2.1.1-1.el8.x86_64",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.1.1-1.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64"
},
"product_reference": "libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.1.1-1.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686"
},
"product_reference": "libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le"
},
"product_reference": "libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.1.1-1.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x"
},
"product_reference": "libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.1.1-1.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64"
},
"product_reference": "libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.1.1-1.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64"
},
"product_reference": "libwinpr-devel-2:2.1.1-1.el8.aarch64",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.1.1-1.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686"
},
"product_reference": "libwinpr-devel-2:2.1.1-1.el8.i686",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.1.1-1.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le"
},
"product_reference": "libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.1.1-1.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x"
},
"product_reference": "libwinpr-devel-2:2.1.1-1.el8.s390x",
"relates_to_product_reference": "CRB-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.1.1-1.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
},
"product_reference": "libwinpr-devel-2:2.1.1-1.el8.x86_64",
"relates_to_product_reference": "CRB-8.3.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-11018",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-04-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848008"
}
],
"notes": [
{
"category": "description",
"text": "In FreeRDP less than or equal to 2.0.0, a possible resource exhaustion vulnerability can be performed. Malicious clients could trigger out of bound reads causing memory allocation with random size. This has been fixed in 2.1.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: Out of bound read in cliprdr_server_receive_capabilities",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11018"
},
{
"category": "external",
"summary": "RHBZ#1848008",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848008"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11018",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11018"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11018",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11018"
}
],
"release_date": "2020-04-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:25:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4647"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "freerdp: Out of bound read in cliprdr_server_receive_capabilities"
},
{
"cve": "CVE-2020-11019",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-04-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848012"
}
],
"notes": [
{
"category": "description",
"text": "In FreeRDP less than or equal to 2.0.0, when running with logger set to \"WLOG_TRACE\", a possible crash of application could occur due to a read of an invalid array index. Data could be printed as string to local terminal. This has been fixed in 2.1.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: Out of bound read in update_recv could result in a crash",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11019"
},
{
"category": "external",
"summary": "RHBZ#1848012",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848012"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11019",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11019"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11019",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11019"
}
],
"release_date": "2020-04-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:25:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4647"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by not setting the logging level to \"trace\" on the freerdp server.",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "freerdp: Out of bound read in update_recv could result in a crash"
},
{
"cve": "CVE-2020-11038",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2020-04-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848018"
}
],
"notes": [
{
"category": "description",
"text": "In FreeRDP less than or equal to 2.0.0, an Integer Overflow to Buffer Overflow exists. When using /video redirection, a manipulated server can instruct the client to allocate a buffer with a smaller size than requested due to an integer overflow in size calculation. With later messages, the server can manipulate the client to write data out of bound to the previously allocated buffer. This has been patched in 2.1.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: Integer overflow in VIDEO channel",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Although this flaw affects versions of freerdp shipped with Red Hat Enterprise Linux 7 and 8, Red Hat Product Security views this flaw as having low impact because it only affects the freerdp client, the user must connect to an untrusted or compromised server, and it would not lead to a persistent denial of service if exploited.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11038"
},
{
"category": "external",
"summary": "RHBZ#1848018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848018"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11038",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11038"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11038",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11038"
}
],
"release_date": "2020-04-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:25:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4647"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by deactivating video redirection on the client side and not using /video.",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "freerdp: Integer overflow in VIDEO channel"
},
{
"cve": "CVE-2020-11039",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2020-04-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848022"
}
],
"notes": [
{
"category": "description",
"text": "In FreeRDP less than or equal to 2.0.0, when using a manipulated server with USB redirection enabled (nearly) arbitrary memory can be read and written due to integer overflows in length checks. This has been patched in 2.1.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: Out of bound read/write in usb redirection channel",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11039"
},
{
"category": "external",
"summary": "RHBZ#1848022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848022"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11039",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11039"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11039",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11039"
}
],
"release_date": "2020-04-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:25:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4647"
},
{
"category": "workaround",
"details": "To mitigate this flaw, do not enable USB redirection in the client config.",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: Out of bound read/write in usb redirection channel"
},
{
"cve": "CVE-2020-11040",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-04-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848029"
}
],
"notes": [
{
"category": "description",
"text": "In FreeRDP less than or equal to 2.0.0, there is an out-of-bound data read from memory in clear_decompress_subcode_rlex, visualized on screen as color. This has been patched in 2.1.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: Out of bound access in clear_decompress_subcode_rlex",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11040"
},
{
"category": "external",
"summary": "RHBZ#1848029",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848029"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11040",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11040"
}
],
"release_date": "2020-04-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:25:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4647"
},
{
"category": "workaround",
"details": "The flaw can be mitigated by not running the freerdp client with the /gfx connection modes and/or not connecting to untrusted or compromised rdp servers.",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "freerdp: Out of bound access in clear_decompress_subcode_rlex"
},
{
"cve": "CVE-2020-11041",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-04-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848034"
}
],
"notes": [
{
"category": "description",
"text": "In FreeRDP less than or equal to 2.0.0, an outside controlled array index is used unchecked for data used as configuration for sound backend (alsa, oss, pulse, ...). The most likely outcome is a crash of the client instance followed by no or distorted sound or a session disconnect. If a user cannot upgrade to the patched version, a workaround is to disable sound for the session. This has been patched in 2.1.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: Unchecked read of array offset in rdpsnd_recv_wave2_pdu",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11041"
},
{
"category": "external",
"summary": "RHBZ#1848034",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848034"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11041",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11041"
}
],
"release_date": "2020-04-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:25:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4647"
},
{
"category": "workaround",
"details": "Disable sound for the rdp session in the client.",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "freerdp: Unchecked read of array offset in rdpsnd_recv_wave2_pdu"
},
{
"cve": "CVE-2020-11042",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-05-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1835382"
}
],
"notes": [
{
"category": "description",
"text": "In FreeRDP greater than 1.1 and before 2.0.0, there is an out-of-bounds read in update_read_icon_info. It allows reading a attacker-defined amount of client memory (32bit unsigned -\u003e 4GB) to an intermediate buffer. This can be used to crash the client or store information for later retrieval. This has been patched in 2.0.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: out-of-bounds read in update_read_icon_info function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11042"
},
{
"category": "external",
"summary": "RHBZ#1835382",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1835382"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11042",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11042"
}
],
"release_date": "2020-03-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:25:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4647"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: out-of-bounds read in update_read_icon_info function"
},
{
"cve": "CVE-2020-11043",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-04-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848038"
}
],
"notes": [
{
"category": "description",
"text": "In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in rfx_process_message_tileset. Invalid data fed to RFX decoder results in garbage on screen (as colors). This has been patched in 2.1.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: out of bound read in rfx_process_message_tileset",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11043"
},
{
"category": "external",
"summary": "RHBZ#1848038",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848038"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11043",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11043"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11043",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11043"
}
],
"release_date": "2020-04-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:25:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4647"
},
{
"category": "workaround",
"details": "To mitigate this flaw, do not use /rfx, /gfx or /network:auto command line options in the freerdp client.",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "freerdp: out of bound read in rfx_process_message_tileset"
},
{
"cve": "CVE-2020-11044",
"cwe": {
"id": "CWE-672",
"name": "Operation on a Resource after Expiration or Release"
},
"discovery_date": "2020-05-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1835391"
}
],
"notes": [
{
"category": "description",
"text": "In FreeRDP greater than 1.2 and before 2.0.0, a double free in update_read_cache_bitmap_v3_order crashes the client application if corrupted data from a manipulated server is parsed. This has been patched in 2.0.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: double free in update_read_cache_bitmap_v3_order function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11044"
},
{
"category": "external",
"summary": "RHBZ#1835391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1835391"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11044",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11044"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11044",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11044"
}
],
"release_date": "2020-03-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:25:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4647"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.2,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "freerdp: double free in update_read_cache_bitmap_v3_order function"
},
{
"cve": "CVE-2020-11045",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-05-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1835399"
}
],
"notes": [
{
"category": "description",
"text": "In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bound read in in update_read_bitmap_data that allows client memory to be read to an image buffer. The result displayed on screen as colour.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: out of bounds read in update_read_bitmap_data function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11045"
},
{
"category": "external",
"summary": "RHBZ#1835399",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1835399"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11045",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11045"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11045",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11045"
}
],
"release_date": "2020-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:25:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4647"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "freerdp: out of bounds read in update_read_bitmap_data function"
},
{
"cve": "CVE-2020-11046",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-05-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1835403"
}
],
"notes": [
{
"category": "description",
"text": "In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds seek in update_read_synchronize that could lead to a later out-of-bounds read.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: out of bounds seek in update_read_synchronize function could lead out of bounds read",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11046"
},
{
"category": "external",
"summary": "RHBZ#1835403",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1835403"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11046",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11046"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11046",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11046"
}
],
"release_date": "2020-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:25:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4647"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.2,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "freerdp: out of bounds seek in update_read_synchronize function could lead out of bounds read"
},
{
"cve": "CVE-2020-11047",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-04-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1835762"
}
],
"notes": [
{
"category": "description",
"text": "In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bounds read in autodetect_recv_bandwidth_measure_results. A malicious server can extract up to 8 bytes of client memory with a manipulated message by providing a short input and reading the measurement result data. This has been patched in 2.0.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: out-of-bounds read in autodetect_recv_bandwidth_measure_results function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11047"
},
{
"category": "external",
"summary": "RHBZ#1835762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1835762"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11047",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11047"
}
],
"release_date": "2020-04-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:25:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4647"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: out-of-bounds read in autodetect_recv_bandwidth_measure_results function"
},
{
"cve": "CVE-2020-11048",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-04-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1835766"
}
],
"notes": [
{
"category": "description",
"text": "In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bounds read. It only allows to abort a session. No data extraction is possible. This has been fixed in 2.0.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: out-of-bounds read could result in aborting the session",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11048"
},
{
"category": "external",
"summary": "RHBZ#1835766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1835766"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11048",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11048"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11048",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11048"
}
],
"release_date": "2020-04-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:25:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4647"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.2,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "freerdp: out-of-bounds read could result in aborting the session"
},
{
"cve": "CVE-2020-11049",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-04-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1835772"
}
],
"notes": [
{
"category": "description",
"text": "In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bound read of client memory that is then passed on to the protocol parser. This has been patched in 2.0.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: out-of-bound read of client memory that is then passed on to the protocol parser",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11049"
},
{
"category": "external",
"summary": "RHBZ#1835772",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1835772"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11049",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11049"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11049",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11049"
}
],
"release_date": "2020-04-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:25:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4647"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.2,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "freerdp: out-of-bound read of client memory that is then passed on to the protocol parser"
},
{
"cve": "CVE-2020-11058",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-04-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1835779"
}
],
"notes": [
{
"category": "description",
"text": "In FreeRDP after 1.1 and before 2.0.0, a stream out-of-bounds seek in rdp_read_font_capability_set could lead to a later out-of-bounds read. As a result, a manipulated client or server might force a disconnect due to an invalid data read. This has been fixed in 2.0.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: stream out-of-bounds seek in rdp_read_font_capability_set could lead to out-of-bounds read",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11058"
},
{
"category": "external",
"summary": "RHBZ#1835779",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1835779"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11058",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11058"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11058",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11058"
}
],
"release_date": "2020-04-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:25:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4647"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.2,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "freerdp: stream out-of-bounds seek in rdp_read_font_capability_set could lead to out-of-bounds read"
},
{
"cve": "CVE-2020-11085",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-05-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1844161"
}
],
"notes": [
{
"category": "description",
"text": "In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdr_read_format_list. Clipboard format data read (by client or server) might read data out-of-bounds. This has been fixed in 2.1.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: out-of-bounds read in cliprdr_read_format_list function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11085"
},
{
"category": "external",
"summary": "RHBZ#1844161",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1844161"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11085",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11085"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11085",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11085"
}
],
"release_date": "2020-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:25:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4647"
},
{
"category": "workaround",
"details": "To mitigate this flaw in vulnerable versions, clipboard support should be disabled for freerdp sessions.",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "freerdp: out-of-bounds read in cliprdr_read_format_list function"
},
{
"cve": "CVE-2020-11086",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-05-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1844166"
}
],
"notes": [
{
"category": "description",
"text": "In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_ntlm_v2_client_challenge that reads up to 28 bytes out-of-bound to an internal structure. This has been fixed in 2.1.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: out-of-bounds read in ntlm_read_ntlm_v2_client_challenge function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11086"
},
{
"category": "external",
"summary": "RHBZ#1844166",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1844166"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11086",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11086"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11086",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11086"
}
],
"release_date": "2020-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:25:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4647"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "freerdp: out-of-bounds read in ntlm_read_ntlm_v2_client_challenge function"
},
{
"cve": "CVE-2020-11087",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-05-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1844171"
}
],
"notes": [
{
"category": "description",
"text": "In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage. This has been fixed in 2.1.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: out-of-bounds read in ntlm_read_AuthenticateMessage",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11087"
},
{
"category": "external",
"summary": "RHBZ#1844171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1844171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11087",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11087"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11087",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11087"
}
],
"release_date": "2020-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:25:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4647"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "freerdp: out-of-bounds read in ntlm_read_AuthenticateMessage"
},
{
"cve": "CVE-2020-11088",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-05-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1844177"
}
],
"notes": [
{
"category": "description",
"text": "In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_NegotiateMessage. This has been fixed in 2.1.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: out-of-bounds read in ntlm_read_NegotiateMessage",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11088"
},
{
"category": "external",
"summary": "RHBZ#1844177",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1844177"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11088",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11088"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11088",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11088"
}
],
"release_date": "2020-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:25:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4647"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "freerdp: out-of-bounds read in ntlm_read_NegotiateMessage"
},
{
"cve": "CVE-2020-11089",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-05-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1844184"
}
],
"notes": [
{
"category": "description",
"text": "In FreeRDP before 2.1.0, there is an out-of-bound read in irp functions (parallel_process_irp_create, serial_process_irp_create, drive_process_irp_write, printer_process_irp_write, rdpei_recv_pdu, serial_process_irp_write). This has been fixed in 2.1.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: out-of-bounds read in irp functions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11089"
},
{
"category": "external",
"summary": "RHBZ#1844184",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1844184"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11089",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11089"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11089",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11089"
}
],
"release_date": "2020-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:25:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4647"
},
{
"category": "workaround",
"details": "The vulnerability is associated with the use of the command line options: /drive, +multitouch, /paralell, /printer, and /servial. To mitigate this vulnerability, do not use these commands.",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "freerdp: out-of-bounds read in irp functions"
},
{
"cve": "CVE-2020-11522",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-04-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1836223"
}
],
"notes": [
{
"category": "description",
"text": "libfreerdp/gdi/gdi.c in FreeRDP \u003e 1.0 through 2.0.0-rc4 has an Out-of-bounds Read.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: out-of-bounds read in gdi.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11522"
},
{
"category": "external",
"summary": "RHBZ#1836223",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1836223"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11522",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11522"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11522",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11522"
}
],
"release_date": "2020-04-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:25:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4647"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.2,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "freerdp: out-of-bounds read in gdi.c"
},
{
"cve": "CVE-2020-11525",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-04-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1836239"
}
],
"notes": [
{
"category": "description",
"text": "libfreerdp/cache/bitmap.c in FreeRDP versions \u003e 1.0 through 2.0.0-rc4 has an Out of bounds read.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: out-of-bounds read in bitmap.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11525"
},
{
"category": "external",
"summary": "RHBZ#1836239",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1836239"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11525",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11525"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11525",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11525"
}
],
"release_date": "2020-04-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:25:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4647"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.2,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "freerdp: out-of-bounds read in bitmap.c"
},
{
"cve": "CVE-2020-11526",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-04-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1836247"
}
],
"notes": [
{
"category": "description",
"text": "libfreerdp/core/update.c in FreeRDP versions \u003e 1.1 through 2.0.0-rc4 has an Out-of-bounds Read.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: Stream pointer out of bounds in update_recv_secondary_order could lead out of bounds read later",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11526"
},
{
"category": "external",
"summary": "RHBZ#1836247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1836247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11526",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11526"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11526",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11526"
}
],
"release_date": "2020-04-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:25:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4647"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.2,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "freerdp: Stream pointer out of bounds in update_recv_secondary_order could lead out of bounds read later"
},
{
"cve": "CVE-2020-13396",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-05-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1841189"
}
],
"notes": [
{
"category": "description",
"text": "An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: Out-of-bounds read in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c.",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-13396"
},
{
"category": "external",
"summary": "RHBZ#1841189",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1841189"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-13396",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13396"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-13396",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13396"
}
],
"release_date": "2020-05-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:25:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4647"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: Out-of-bounds read in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c."
},
{
"cve": "CVE-2020-13397",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2020-05-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1841196"
}
],
"notes": [
{
"category": "description",
"text": "An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: Out-of-bounds read in security_fips_decrypt in libfreerdp/core/security.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-13397"
},
{
"category": "external",
"summary": "RHBZ#1841196",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1841196"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-13397",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13397"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-13397",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13397"
}
],
"release_date": "2020-05-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:25:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4647"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"AppStream-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"AppStream-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.src",
"AppStream-8.3.0.GA:vinagre-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debuginfo-0:3.22.0-23.el8.x86_64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.aarch64",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.ppc64le",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.s390x",
"AppStream-8.3.0.GA:vinagre-debugsource-0:3.22.0-23.el8.x86_64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.src",
"CRB-8.3.0.GA:freerdp-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-debugsource-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-devel-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:freerdp-libs-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-debuginfo-2:2.1.1-1.el8.x86_64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.aarch64",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.i686",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.ppc64le",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.s390x",
"CRB-8.3.0.GA:libwinpr-devel-2:2.1.1-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: Out-of-bounds read in security_fips_decrypt in libfreerdp/core/security.c"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…