CVE-2020-11041

In FreeRDP less than or equal to 2.0.0, an outside controlled array index is used unchecked for data used as configuration for sound backend (alsa, oss, pulse, ...). The most likely outcome is a crash of the client instance followed by no or distorted sound or a session disconnect. If a user cannot upgrade to the patched version, a workaround is to disable sound for the session. This has been patched in 2.1.0.
Configurations

Configuration 1 (hide)

cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

History

24 Oct 2023, 15:30

Type Values Removed Values Added
CPE cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
References (MLIST) https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html - (MLIST) https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html - Mailing List, Third Party Advisory
First Time Debian debian Linux
Debian

07 Oct 2023, 21:15

Type Values Removed Values Added
References
  • (MLIST) https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html -

Information

Published : 2020-05-29 19:15

Updated : 2024-02-28 17:47


NVD link : CVE-2020-11041

Mitre link : CVE-2020-11041

CVE.ORG link : CVE-2020-11041


JSON object : View

Products Affected

debian

  • debian_linux

opensuse

  • leap

freerdp

  • freerdp
CWE
CWE-129

Improper Validation of Array Index