freerdp: Out-of-bounds write in crypto.c (CVE-2020-13398)

An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c.

Reference:

https://nvd.nist.gov/vuln/detail/CVE-2020-13398

Patches:

https://github.com/FreeRDP/FreeRDP/commit/8305349a943c68b1bc8c158f431dc607655aadea https://github.com/FreeRDP/FreeRDP/commit/8fb6336a4072abcee8ce5bd6ae91104628c7bb69

Affected branches:

master
3.12-stable

Edited Jun 11, 2020 by Leo

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information