CVE-2020-11041

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2020-11041
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-11041.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2020-11041
Downstream
Related
Published
2020-05-29T19:15:10.497Z
Modified
2026-02-24T09:14:05.895414Z
Severity
  • 2.7 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
Summary
[none]
Details

In FreeRDP less than or equal to 2.0.0, an outside controlled array index is used unchecked for data used as configuration for sound backend (alsa, oss, pulse, ...). The most likely outcome is a crash of the client instance followed by no or distorted sound or a session disconnect. If a user cannot upgrade to the patched version, a workaround is to disable sound for the session. This has been patched in 2.1.0.

References

Affected packages

Git / gitlab.gnome.org/GNOME/libxml2

Affected ranges

Type
GIT
Repo
https://gitlab.gnome.org/GNOME/libxml2
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
c230410eadbada15092c04f92d01068af8a19f8d

Affected versions

Other
EAZEL-NAUTILUS-MS-AUG07
FOR_GNOME_0_99_1
GNOME_0_30
GNUMERIC_FIRST_PUBLIC_RELEASE
LIBXML_0_99
LIBXML_1_5_0
LIBXML_1_8_5
LIBXML_1_8_6
LIBXML_2_0_0
LIBXML_TEST_2_0_0
LIB_XML_1_1
LIB_XML_1_3
LIB_XML_1_4
LIB_XML_1_6_1
LIB_XML_1_6_2
LIB_XML_1_7_0
LIB_XML_1_7_1
LIB_XML_1_7_3
LIB_XML_1_8_3
LIB_XML_1_X

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-11041.json"
vanir_signatures 
[
    {
        "id": "CVE-2020-11041-4fa8ca34",
        "source": "https://gitlab.gnome.org/GNOME/libxml2@c230410eadbada15092c04f92d01068af8a19f8d",
        "target": {
            "file": "example/gjobread.c",
            "function": "main"
        },
        "signature_type": "Function",
        "signature_version": "v1",
        "deprecated": false,
        "digest": {
            "length": 289.0,
            "function_hash": "217067580253948699484829138099054328869"
        }
    },
    {
        "id": "CVE-2020-11041-eabbf092",
        "source": "https://gitlab.gnome.org/GNOME/libxml2@c230410eadbada15092c04f92d01068af8a19f8d",
        "target": {
            "file": "example/gjobread.c"
        },
        "signature_type": "Line",
        "signature_version": "v1",
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "287042595298680527861991348108261089809",
                "169182630361917727940441134910200921263",
                "198842561615446092675493735186734618685"
            ],
            "threshold": 0.9
        }
    }
]