Описание
Moderate: freerdp security update
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.
Security Fix(es):
-
freerdp: Integer Overflow leading to Heap Overflow in freerdp_bitmap_planar_context_reset (CVE-2024-22211)
-
freerdp: out-of-bounds read in ncrush_decompress (CVE-2024-32459)
-
freerdp: OutOfBound Read in interleaved_decompress (CVE-2024-32460)
-
freerdp: Integer overflow & OutOfBound Write in clear_decompress_residual_data (CVE-2024-32039)
-
freerdp: integer underflow in nsc_rle_decode (CVE-2024-32040)
-
freerdp: OutOfBound Read in zgfx_decompress_segment (CVE-2024-32041)
-
freerdp: OutOfBound Read in planar_skip_plane_rle (CVE-2024-32458)
-
freerdp: out-of-bounds read (CVE-2024-32662)
-
FreeRDP: ExtractRunLengthRegular* out of bound read (CVE-2024-32658)
-
freerdp: zgfx_decompress out of memory (CVE-2024-32660)
-
freerdp: freerdp_image_copy out of bound read (CVE-2024-32659)
-
freerdp: rdp_write_logon_info_v1 NULL access (CVE-2024-32661)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Rocky Linux 9.5 Release Notes linked from the References section.
Затронутые продукты
Rocky Linux 9
Ссылки на источники
Исправления
- Red Hat - 2259483
- Red Hat - 2276721
- Red Hat - 2276722
- Red Hat - 2276723
- Red Hat - 2276724
- Red Hat - 2276725
- Red Hat - 2276726
- Red Hat - 2276804
- Red Hat - 2276961
- Red Hat - 2276968
- Red Hat - 2276970
- Red Hat - 2276971
