Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2024:1856-1

Опубликовано: 30 мая 2024
Источник: suse-cvrf

Описание

Security update for freerdp

This update for freerdp fixes the following issues:

  • CVE-2024-32658: Fixed out-of-bounds read in Interleaved RLE Bitmap Codec (bsc#1223353).
  • CVE-2024-32659: Fixed out-of-bounds read if ((nWidth == 0) and (nHeight == 0)) (bsc#1223346)
  • CVE-2024-32660: Fixed client crash via invalid huge allocation size (bsc#1223347)
  • CVE-2024-32661: Fixed client NULL pointer dereference (bsc#1223348)

Список пакетов

SUSE Linux Enterprise Module for Package Hub 15 SP5
freerdp-2.4.0-150400.3.32.1
freerdp-devel-2.4.0-150400.3.32.1
freerdp-proxy-2.4.0-150400.3.32.1
freerdp-server-2.4.0-150400.3.32.1
freerdp-wayland-2.4.0-150400.3.32.1
libfreerdp2-2.4.0-150400.3.32.1
libuwac0-0-2.4.0-150400.3.32.1
libwinpr2-2.4.0-150400.3.32.1
uwac0-0-devel-2.4.0-150400.3.32.1
winpr2-devel-2.4.0-150400.3.32.1
SUSE Linux Enterprise Module for Package Hub 15 SP6
libfreerdp2-2.4.0-150400.3.32.1
libwinpr2-2.4.0-150400.3.32.1
winpr2-devel-2.4.0-150400.3.32.1
SUSE Linux Enterprise Workstation Extension 15 SP5
freerdp-2.4.0-150400.3.32.1
freerdp-devel-2.4.0-150400.3.32.1
freerdp-proxy-2.4.0-150400.3.32.1
libfreerdp2-2.4.0-150400.3.32.1
libwinpr2-2.4.0-150400.3.32.1
winpr2-devel-2.4.0-150400.3.32.1
openSUSE Leap 15.5
freerdp-2.4.0-150400.3.32.1
freerdp-devel-2.4.0-150400.3.32.1
freerdp-proxy-2.4.0-150400.3.32.1
freerdp-server-2.4.0-150400.3.32.1
freerdp-wayland-2.4.0-150400.3.32.1
libfreerdp2-2.4.0-150400.3.32.1
libuwac0-0-2.4.0-150400.3.32.1
libwinpr2-2.4.0-150400.3.32.1
uwac0-0-devel-2.4.0-150400.3.32.1
winpr2-devel-2.4.0-150400.3.32.1

Ссылки

Описание

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read. Version 3.5.1 contains a patch for the issue. No known workarounds are available.

Затронутые продукты
SUSE Linux Enterprise Module for Package Hub 15 SP5:freerdp-2.4.0-150400.3.32.1
SUSE Linux Enterprise Module for Package Hub 15 SP5:freerdp-devel-2.4.0-150400.3.32.1
SUSE Linux Enterprise Module for Package Hub 15 SP5:freerdp-proxy-2.4.0-150400.3.32.1
SUSE Linux Enterprise Module for Package Hub 15 SP5:freerdp-server-2.4.0-150400.3.32.1
Ссылки

Описание

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read if `((nWidth == 0) and (nHeight == 0))`. Version 3.5.1 contains a patch for the issue. No known workarounds are available.

Затронутые продукты
SUSE Linux Enterprise Module for Package Hub 15 SP5:freerdp-2.4.0-150400.3.32.1
SUSE Linux Enterprise Module for Package Hub 15 SP5:freerdp-devel-2.4.0-150400.3.32.1
SUSE Linux Enterprise Module for Package Hub 15 SP5:freerdp-proxy-2.4.0-150400.3.32.1
SUSE Linux Enterprise Module for Package Hub 15 SP5:freerdp-server-2.4.0-150400.3.32.1
Ссылки

Описание

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.5.1, a malicious server can crash the FreeRDP client by sending invalid huge allocation size. Version 3.5.1 contains a patch for the issue. No known workarounds are available.

Затронутые продукты
SUSE Linux Enterprise Module for Package Hub 15 SP5:freerdp-2.4.0-150400.3.32.1
SUSE Linux Enterprise Module for Package Hub 15 SP5:freerdp-devel-2.4.0-150400.3.32.1
SUSE Linux Enterprise Module for Package Hub 15 SP5:freerdp-proxy-2.4.0-150400.3.32.1
SUSE Linux Enterprise Module for Package Hub 15 SP5:freerdp-server-2.4.0-150400.3.32.1
Ссылки

Описание

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to a possible `NULL` access and crash. Version 3.5.1 contains a patch for the issue. No known workarounds are available.

Затронутые продукты
SUSE Linux Enterprise Module for Package Hub 15 SP5:freerdp-2.4.0-150400.3.32.1
SUSE Linux Enterprise Module for Package Hub 15 SP5:freerdp-devel-2.4.0-150400.3.32.1
SUSE Linux Enterprise Module for Package Hub 15 SP5:freerdp-proxy-2.4.0-150400.3.32.1
SUSE Linux Enterprise Module for Package Hub 15 SP5:freerdp-server-2.4.0-150400.3.32.1
Ссылки
Уязвимость SUSE-SU-2024:1856-1