CVE-2019-17177

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2019-17177
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-17177.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2019-17177
Downstream
Related
Published
2019-10-04T17:15:10Z
Modified
2025-10-15T10:32:00.339363Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0.0-rc4 has memory leaks because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value.

References

Affected packages

Git / github.com/freerdp/freerdp

Affected ranges

Type
GIT
Repo
https://github.com/freerdp/freerdp
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
9fee4ae076b1ec97b97efb79ece08d1dab4df29a

Affected versions

1.*

1.0-beta1
1.0-beta2
1.0-beta3
1.0-beta4
1.0-beta5
1.0.0
1.0.1
1.1.0-beta+2013071101
1.1.0-beta1
1.1.0-beta1+android2
1.1.0-beta1+android3
1.1.0-beta1+android4
1.1.0-beta1+android5
1.1.0-beta1+ios1
1.1.0-beta1+ios2
1.1.0-beta1+ios3
1.1.0-beta1+ios4
1.2.0-beta1+android7
1.2.0-beta1+android9

2.*

2.0.0-beta1+android10
2.0.0-beta1+android11
2.0.0-rc0
2.0.0-rc1
2.0.0-rc2
2.0.0-rc3
2.0.0-rc4

Database specific 

{
    "vanir_signatures": [
        {
            "signature_type": "Line",
            "target": {
                "file": "winpr/libwinpr/utils/lodepng/lodepng.c"
            },
            "signature_version": "v1",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "269215551196728372072229002611498048274",
                    "60882436054191971992951776647637498497",
                    "246423792840165743178928287324492503526",
                    "186775369845774264331823368553861729311",
                    "121033979759465712227962233428386596536",
                    "333459367581250853282024688279097815294",
                    "52652199316993592414430078609399706190",
                    "281242411092693082450489738599220562788",
                    "293078200095957182578457349885119669019"
                ]
            },
            "deprecated": false,
            "source": "https://github.com/freerdp/freerdp/commit/9fee4ae076b1ec97b97efb79ece08d1dab4df29a",
            "id": "CVE-2019-17177-4f8c096a"
        },
        {
            "signature_type": "Function",
            "target": {
                "file": "client/X11/generate_argument_docbook.c",
                "function": "tr_esc_str"
            },
            "signature_version": "v1",
            "digest": {
                "length": 2318.0,
                "function_hash": "111556578513038953191829364359908659521"
            },
            "deprecated": false,
            "source": "https://github.com/freerdp/freerdp/commit/9fee4ae076b1ec97b97efb79ece08d1dab4df29a",
            "id": "CVE-2019-17177-7ec9b5d0"
        },
        {
            "signature_type": "Function",
            "target": {
                "file": "libfreerdp/codec/region.c",
                "function": "region16_intersect_rect"
            },
            "signature_version": "v1",
            "digest": {
                "length": 1417.0,
                "function_hash": "238058498232279513812602263336545750696"
            },
            "deprecated": false,
            "source": "https://github.com/freerdp/freerdp/commit/9fee4ae076b1ec97b97efb79ece08d1dab4df29a",
            "id": "CVE-2019-17177-80fe4fbc"
        },
        {
            "signature_type": "Function",
            "target": {
                "file": "libfreerdp/codec/region.c",
                "function": "region16_simplify_bands"
            },
            "signature_version": "v1",
            "digest": {
                "length": 910.0,
                "function_hash": "182161999730597109211945894636287786661"
            },
            "deprecated": false,
            "source": "https://github.com/freerdp/freerdp/commit/9fee4ae076b1ec97b97efb79ece08d1dab4df29a",
            "id": "CVE-2019-17177-9e923a88"
        },
        {
            "signature_type": "Line",
            "target": {
                "file": "client/X11/generate_argument_docbook.c"
            },
            "signature_version": "v1",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "169942117269173459854457627031907093168",
                    "192678371756632553035970616533493584616",
                    "67712262644008916266627221126531232786",
                    "111352148105322516270348382852283456869",
                    "68688189215770436792667200383767070546",
                    "120400749965676790911622306983534637449",
                    "337960107116802670648657492232181897010",
                    "115590768827935740976323704459018392382",
                    "19501158130532074895777220320136227012",
                    "222911646423814009956664567931908529052",
                    "314707534127468225231502214208236632670",
                    "176978620197884198033439116035680797325",
                    "232962076676134982586978795924198445130",
                    "54923070188309183671310197226108892649",
                    "314707534127468225231502214208236632670",
                    "176978620197884198033439116035680797325",
                    "161703410555354982306830631585466092817",
                    "278765345449261648401903298331054283307",
                    "90260239477347542038201787329833467610",
                    "176978620197884198033439116035680797325",
                    "244861578303904110441648214358557235912",
                    "83582483396781978813770731794463705285",
                    "90260239477347542038201787329833467610",
                    "176978620197884198033439116035680797325",
                    "313217851107018138835367919458041581201",
                    "216904702782556537822758554598757525054",
                    "148190799425122740469724662021157560141",
                    "176978620197884198033439116035680797325"
                ]
            },
            "deprecated": false,
            "source": "https://github.com/freerdp/freerdp/commit/9fee4ae076b1ec97b97efb79ece08d1dab4df29a",
            "id": "CVE-2019-17177-b16b382d"
        },
        {
            "signature_type": "Function",
            "target": {
                "file": "libfreerdp/codec/region.c",
                "function": "region16_union_rect"
            },
            "signature_version": "v1",
            "digest": {
                "length": 2888.0,
                "function_hash": "153710806257076984915596454631468483510"
            },
            "deprecated": false,
            "source": "https://github.com/freerdp/freerdp/commit/9fee4ae076b1ec97b97efb79ece08d1dab4df29a",
            "id": "CVE-2019-17177-bc572671"
        },
        {
            "signature_type": "Line",
            "target": {
                "file": "libfreerdp/codec/region.c"
            },
            "signature_version": "v1",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "236789859763925190122086759330866475518",
                    "303447436975685695637060891267598298600",
                    "238855805430459233328977818012291901312",
                    "320151404832153686982822229424724071681",
                    "306277995164946684417977004325037077541",
                    "321893086654608489648272653389745040833",
                    "320334514659870503550670014781451630788",
                    "269239849473155655800555847669994911240",
                    "116891536248283089850423111705276134785",
                    "110177783688515234290913881762732141893",
                    "238100245164064885829079799523851780215",
                    "11546404366772640448671224959801578622",
                    "31636775941089041245965245234738855235",
                    "300596855173215564464195492167778391485",
                    "100368184650351677725721506535300695529",
                    "143839062400987009432695694937797317323",
                    "111849370724169758773020147272706896899",
                    "225149152969146341033887566919266056394",
                    "17200948198447921021291136443610520655",
                    "288041447184418308804384182739267874627",
                    "14946096756773680099055441873743711075"
                ]
            },
            "deprecated": false,
            "source": "https://github.com/freerdp/freerdp/commit/9fee4ae076b1ec97b97efb79ece08d1dab4df29a",
            "id": "CVE-2019-17177-fd5cbcf7"
        }
    ]
}