679416 – (CVE-2018-1000852) <net-misc/freerdp-2.0.0_rc4: out of bounds read in drdynvc_process_capability_request (CVE-2018-1000852)

Bug 679416 (CVE-2018-1000852) - <net-misc/freerdp-2.0.0_rc4: out of bounds read in drdynvc_process_capability_request (CVE-2018-1000852)

Summary: <net-misc/freerdp-2.0.0_rc4: out of bounds read in drdynvc_process_capability...

Status:	RESOLVED FIXED

Alias:	CVE-2018-1000852

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal minor
Assignee:	Gentoo Security

URL:
Whiteboard:	B3 [noglsa cve]
Keywords:

Depends on:	CVE-2018-8784, CVE-2018-8785, CVE-2018-8786, CVE-2018-8787, CVE-2018-8788, CVE-2018-8789
Blocks:
	Show dependency tree

Reported:	2019-03-04 16:47 UTC by GLSAMaker/CVETool Bot
Modified:	2020-03-28 19:34 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description GLSAMaker/CVETool Bot gentoo-dev

2019-03-04 16:47:55 UTC

CVE-2018-1000852 (https://nvd.nist.gov/vuln/detail/CVE-2018-1000852):
  FreeRDP FreeRDP 2.0.0-rc3 released version before commit
  205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown
  vulnerability in channels/drdynvc/client/drdynvc_main.c,
  drdynvc_process_capability_request that can result in The RDP server can
  read the client's memory.. This attack appear to be exploitable via
  RDPClient must connect the rdp server with echo option. This vulnerability
  appears to have been fixed in after commit
  205c612820dac644d665b5bb1cdf437dc5ca01e3.

Comment 1 Larry the Git Cow gentoo-dev

2019-09-29 20:50:51 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=90b6afa43fad256f625e2ccbe45a48f889e48f5f

commit 90b6afa43fad256f625e2ccbe45a48f889e48f5f
Author:     Mike Gilbert <floppym@gentoo.org>
AuthorDate: 2019-09-29 20:50:45 +0000
Commit:     Mike Gilbert <floppym@gentoo.org>
CommitDate: 2019-09-29 20:50:45 +0000

    net-misc/freerdp: remove old
    
    Bug: https://bugs.gentoo.org/679416
    Package-Manager: Portage-2.3.75_p7, Repoman-2.3.17_p49
    Signed-off-by: Mike Gilbert <floppym@gentoo.org>

 net-misc/freerdp/Manifest                    |   1 -
 net-misc/freerdp/freerdp-2.0.0_rc2-r1.ebuild | 119 ---------------------------
 2 files changed, 120 deletions(-)

Comment 2 Thomas Deutschmann (RETIRED) gentoo-dev

2019-10-06 19:52:15 UTC

Why did you revert cleanup (https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8b17e3543da1c86ea2f7718887a82ba822ca0927)?

Comment 3 Mike Gilbert gentoo-dev

2019-10-07 17:05:35 UTC

(In reply to Thomas Deutschmann from comment #2)
> Why did you revert cleanup
> (https://gitweb.gentoo.org/repo/gentoo.git/commit/
> ?id=8b17e3543da1c86ea2f7718887a82ba822ca0927)?

ppc is lagging on stabilization due to failing tests. See bug 672010.

Comment 4 Larry the Git Cow gentoo-dev

2019-12-12 20:15:23 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=08f2438131f86e39251efb3620668c776f9f4243

commit 08f2438131f86e39251efb3620668c776f9f4243
Author:     Mike Gilbert <floppym@gentoo.org>
AuthorDate: 2019-12-12 20:14:23 +0000
Commit:     Mike Gilbert <floppym@gentoo.org>
CommitDate: 2019-12-12 20:15:13 +0000

    net-misc/freerdp: remove old
    
    Bug: https://bugs.gentoo.org/672010
    Bug: https://bugs.gentoo.org/679416
    Package-Manager: Portage-2.3.80_p5, Repoman-2.3.19_p4
    Signed-off-by: Mike Gilbert <floppym@gentoo.org>

 net-misc/freerdp/Manifest                         |   1 -
 net-misc/freerdp/files/2.0.0-rc2-primitives.patch |  41 --------
 net-misc/freerdp/freerdp-2.0.0_rc2-r1.ebuild      | 120 ----------------------
 3 files changed, 162 deletions(-)

Comment 5 Sam James archtester

2020-03-28 19:34:03 UTC

Tree is clean.