oss-sec mailing list archives
[SECURITY] CVE-2023-30576: Apache Guacamole: Use-after-free in handling of RDP audio input buffer
From: Michael Jumper <mjumper () apache org>
Date: Tue, 6 Jun 2023 10:12:29 -0700
Severity: moderate Base CVSS Score: 6.8 (AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N) Affected versions: - Apache Guacamole 0.9.10 through 1.5.1 Description:Apache Guacamole 0.9.10 through 1.5.1 may continue to reference a freed RDP audio input buffer. Depending on timing, this may allow an attacker to execute arbitrary code with the privileges of the guacd process.
Mitigation:Users of versions of Apache Guacamole 1.5.1 and older should upgrade to the 1.5.2 release.
Credit: We would like to thank Stefan Schiller (Sonar) for reporting this issue. References: https://guacamole.apache.org/ https://www.cve.org/CVERecord?id=CVE-2023-30576 Timeline: 2023-04-11: Reported to security () guacamole apache org 2023-04-11: Report acknowledged by project 2023-04-12: Report confirmed by project 2023-05-09: Fix completed and merged 2023-05-09: Fix tested and confirmed by reporter 2023-05-25: Fix released
Current thread:
- [SECURITY] CVE-2023-30576: Apache Guacamole: Use-after-free in handling of RDP audio input buffer Michael Jumper (Jun 06)
- Re: [SECURITY] CVE-2023-30576: Apache Guacamole: Use-after-free in handling of RDP audio input buffer Demi Marie Obenour (Jun 06)