Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2018-8794

rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to an Out-Of-Bounds Write in function process_bitmap_updates() and results in a memory corruption and possibly even a remote code execution.

Related bugs and status

CVE-2018-8794 (Candidate) is related to these bugs:

Bug #1817415: Backport 1.8.4-1 from Disco to Bionic and Cosmic as a security update

Summary				In	Importance	Status
	1817415	Backport 1.8.4-1 from Disco to Bionic and Cosmic as a security update		rdesktop (Ubuntu)	Undecided	Confirmed

See the

CVE page on Mitre.org for more details.

References

MISC: https://github.com/rde...
BID: 106938
CONFIRM: https://research.check...
DEBIAN: DSA-4394
GENTOO: GLSA-201903-06
MLIST: [debian-lts-announce] ...
SUSE: openSUSE-SU-2019:2135