Updated freerdp packages fix security vulnerability
Publication date: 06 Dec 2022Modification date: 06 Dec 2022
Type: security
Affected Mageia releases : 8
CVE: CVE-2022-39316 , CVE-2022-39317 , CVE-2022-39318 , CVE-2022-39319 , CVE-2022-39320 , CVE-2022-39347
Description
In affected versions there is an out of bound read in ZGFX decoder
component of FreeRDP. A malicious server can trick a FreeRDP based client
to read out of bound data and try to decode it likely resulting in a
crash. (CVE-2022-39316)
Affected versions of FreeRDP are missing a range check for input offset
index in ZGFX decoder. A malicious server can trick a FreeRDP based client
to read out of bound data and try to decode it. (CVE-2022-39317)
Affected versions of FreeRDP are missing input validation in 'urbdrc'
channel. A malicious server can trick a FreeRDP based client to crash with
division by zero. (CVE-2022-39318)
Affected versions of FreeRDP are missing input length validation in the
'urbdrc' channel. A malicious server can trick a FreeRDP based client to
read out of bound data and send it back to the server. (CVE-2022-39319)
Affected versions of FreeRDP may attempt integer addition on too narrow
types leads to allocation of a buffer too small holding the data written.
A malicious server can trick a FreeRDP based client to read out of bound
data and send it back to the server. (CVE-2022-39320)
Affected versions of FreeRDP are missing path canonicalization and base
path check for `drive` channel. A malicious server can trick a FreeRDP
based client to read files outside the shared directory. (CVE-2022-39347)
References
- https://bugs.mageia.org/show_bug.cgi?id=31173
- https://ubuntu.com/security/notices/USN-5734-1
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-5w4j-mrrh-jjrm
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-99cm-4gw7-c8jh
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-387j-8j96-7q35
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mvxm-wfj2-5fvh
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qfq2-82qr-7f4j
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-c5xq-8v35-pffg
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39316
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39317
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39318
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39319
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39320
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39347
SRPMS
8/core
- freerdp-2.2.0-1.4.mga8