Advisories ยป MGASA-2022-0474

Updated freerdp packages fix security vulnerability

Publication date: 17 Dec 2022
Type: security
Affected Mageia releases : 8
CVE: CVE-2022-41877

Description

Affected versions of FreeRDP are missing input length validation in
'drive' channel. A malicious server can trick a FreeRDP based client to
read out of bound data and send it back to the server. (CVE-2022-41877)
                

References

SRPMS

8/core