Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2021:4622

Опубликовано: 15 нояб. 2021
Источник: rocky
Оценка: Important

Описание

Important: freerdp security update

For more information visit https://errata.rockylinux.org/RLSA-2021:4622

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
freerdpx86_647.el8_5freerdp-2.2.0-7.el8_5.x86_64.rpm
freerdp-libsi6867.el8_5freerdp-libs-2.2.0-7.el8_5.i686.rpm
freerdp-libsx86_647.el8_5freerdp-libs-2.2.0-7.el8_5.x86_64.rpm
libwinpri6867.el8_5libwinpr-2.2.0-7.el8_5.i686.rpm
libwinprx86_647.el8_5libwinpr-2.2.0-7.el8_5.x86_64.rpm
libwinpr-develi6867.el8_5libwinpr-devel-2.2.0-7.el8_5.i686.rpm
libwinpr-develx86_647.el8_5libwinpr-devel-2.2.0-7.el8_5.x86_64.rpm

Показывать по

Связанные CVE

CVE-2021-41159
CVE-2021-41160

Ссылки на источники

Связанные уязвимости

suse-cvrf логотип

SUSE-SU-2022:2993-1

suse-cvrf
почти 3 года назад

Security update for freerdp

oracle-oval логотип

ELSA-2021-4622

oracle-oval
больше 3 лет назад

ELSA-2021-4622: freerdp security update (IMPORTANT)

oracle-oval логотип

ELSA-2021-4619

oracle-oval
больше 3 лет назад

ELSA-2021-4619: freerdp security update (IMPORTANT)

ubuntu логотип

CVE-2021-41160

CVSS3: 5.3
ubuntu
почти 4 года назад

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server might trigger out of bound writes in a connected client. Connections using GDI or SurfaceCommands to send graphics updates to the client might send `0` width/height or out of bound rectangles to trigger out of bound writes. With `0` width or heigth the memory allocation will be `0` but the missing bounds checks allow writing to the pointer at this (not allocated) region. This issue has been patched in FreeRDP 2.4.1.

redhat логотип

CVE-2021-41160

CVSS3: 8.8
redhat
почти 4 года назад

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server might trigger out of bound writes in a connected client. Connections using GDI or SurfaceCommands to send graphics updates to the client might send `0` width/height or out of bound rectangles to trigger out of bound writes. With `0` width or heigth the memory allocation will be `0` but the missing bounds checks allow writing to the pointer at this (not allocated) region. This issue has been patched in FreeRDP 2.4.1.