{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-39318", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "dateUpdated": "2024-08-03T12:00:44.109Z", "dateReserved": "2022-09-02T00:00:00", "datePublished": "2022-11-16T00:00:00"}, "containers": {"cna": {"title": "Division by zero in urbdrc channel in FreeRDP", "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-01-12T13:06:32.216150"}, "descriptions": [{"lang": "en", "value": "FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input validation in `urbdrc` channel. A malicious server can trick a FreeRDP based client to crash with division by zero. This issue has been addressed in version 2.9.0. All users are advised to upgrade. Users unable to upgrade should not use the `/usb` redirection switch."}], "affected": [{"vendor": "FreeRDP", "product": "FreeRDP", "versions": [{"version": "< 2.9.0", "status": "affected"}]}], "references": [{"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-387j-8j96-7q35"}, {"url": "https://github.com/FreeRDP/FreeRDP/commit/80adde17ddc4b596ed1dae0922a0c54ab3d4b8ea"}, {"name": "FEDORA-2022-fd6e43dec8", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDOTAOJBCZKREZJPT6VZ25GESI5T6RBG/"}, {"name": "FEDORA-2022-076b1c9978", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YGQN3OWQNHSMWKOF4D35PF5ASKNLC74B/"}, {"name": "[debian-lts-announce] 20231117 [SECURITY] [DLA 3654-1] freerdp2 security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00010.html"}, {"name": "GLSA-202401-16", "tags": ["vendor-advisory"], "url": "https://security.gentoo.org/glsa/202401-16"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 4.8, "baseSeverity": "MEDIUM"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-20: Improper Input Validation", "cweId": "CWE-20"}]}, {"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-369: Divide By Zero", "cweId": "CWE-369"}]}], "source": {"advisory": "GHSA-387j-8j96-7q35", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T12:00:44.109Z"}, "title": "CVE Program Container", "references": [{"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-387j-8j96-7q35", "tags": ["x_transferred"]}, {"url": "https://github.com/FreeRDP/FreeRDP/commit/80adde17ddc4b596ed1dae0922a0c54ab3d4b8ea", "tags": ["x_transferred"]}, {"name": "FEDORA-2022-fd6e43dec8", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDOTAOJBCZKREZJPT6VZ25GESI5T6RBG/"}, {"name": "FEDORA-2022-076b1c9978", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YGQN3OWQNHSMWKOF4D35PF5ASKNLC74B/"}, {"name": "[debian-lts-announce] 20231117 [SECURITY] [DLA 3654-1] freerdp2 security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00010.html"}, {"name": "GLSA-202401-16", "tags": ["vendor-advisory", "x_transferred"], "url": "https://security.gentoo.org/glsa/202401-16"}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:*", "matchCriteriaId": "AF273D61-AA72-44FE-937E-D5749D565AEE", "versionEndExcluding": "2.9.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input validation in `urbdrc` channel. A malicious server can trick a FreeRDP based client to crash with division by zero. This issue has been addressed in version 2.9.0. All users are advised to upgrade. Users unable to upgrade should not use the `/usb` redirection switch."}, {"lang": "es", "value": "FreeRDP es una librer\u00eda y clientes de protocolos de escritorio remoto gratuitos. A las versiones afectadas de FreeRDP les falta validaci\u00f3n de entrada en el canal `urbdrc`. Un servidor malicioso puede enga\u00f1ar a un cliente basado en FreeRDP para que falle con la divisi\u00f3n por cero. Este problema se solucion\u00f3 en la versi\u00f3n 2.9.0. Se recomienda a todos los usuarios que actualicen. Los usuarios que no puedan actualizar no deben usar el interruptor de redirecci\u00f3n `/usb`."}], "id": "CVE-2022-39318", "lastModified": "2024-11-21T07:18:01.557", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-11-16T21:15:10.407", "references": [{"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/FreeRDP/FreeRDP/commit/80adde17ddc4b596ed1dae0922a0c54ab3d4b8ea"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-387j-8j96-7q35"}, {"source": "security-advisories@github.com", "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00010.html"}, {"source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDOTAOJBCZKREZJPT6VZ25GESI5T6RBG/"}, {"source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YGQN3OWQNHSMWKOF4D35PF5ASKNLC74B/"}, {"source": "security-advisories@github.com", "url": "https://security.gentoo.org/glsa/202401-16"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/FreeRDP/FreeRDP/commit/80adde17ddc4b596ed1dae0922a0c54ab3d4b8ea"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-387j-8j96-7q35"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00010.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDOTAOJBCZKREZJPT6VZ25GESI5T6RBG/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YGQN3OWQNHSMWKOF4D35PF5ASKNLC74B/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202401-16"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}, {"lang": "en", "value": "CWE-369"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-369"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{"acknowledgement": "Upstream acknowledges Team BT5 (BoB 11th) as the original reporter.", "affected_release": [{"advisory": "RHSA-2023:2851", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "freerdp-2:2.2.0-10.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-05-16T00:00:00Z"}, {"advisory": "RHSA-2023:2326", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "freerdp-2:2.4.1-5.el9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-05-09T00:00:00Z"}], "bugzilla": {"description": "freerdp: division by zero in urbdrc channel", "id": "2143644", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143644"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.8", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-20->CWE-369", "details": ["FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input validation in `urbdrc` channel. A malicious server can trick a FreeRDP based client to crash with division by zero. This issue has been addressed in version 2.9.0. All users are advised to upgrade. Users unable to upgrade should not use the `/usb` redirection switch.", "A division-by-zero issue was found in FreeRDP's libusb_udevice.c in the urbdrc channel. This flaw exists due to missing input validation in the urbdrc channel. A malicious server can pass specially crafted data to the client, causing a crash and denial of service."], "name": "CVE-2022-39318", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "freerdp", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "freerdp", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2022-11-16T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-39318\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-39318\nhttps://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-387j-8j96-7q35"], "threat_severity": "Low", "upstream_fix": "freerdp 2.9.0"}