Mageia: MGASA-2022-0474 Moderate: FreeRDP Input Validation Flaw

mageia

December 17, 2022

Affected versions of FreeRDP are missing input length validation in 'drive' channel

Summary

Affected versions of FreeRDP are missing input length validation in 'drive' channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. (CVE-2022-41877)

References

- https://bugs.mageia.org/show_bug.cgi?id=31290

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/YGQN3OWQNHSMWKOF4D35PF5ASKNLC74B/

- https://www.cve.org/CVERecord?id=CVE-2022-41877

Topics Covered

security advisory moderate security update input validation data exposure Mageia FreeRDP

Resolution

SRPMS

- 8/core/freerdp-2.2.0-1.5.mga8

Publication date: 17 Dec 2022

URL: https://advisories.mageia.org/MGASA-2022-0474.html

Type: security

CVE: CVE-2022-41877

Topics Covered

security advisory moderate security update input validation data exposure Mageia FreeRDP

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Mageia: MGASA-2022-0474 Moderate: FreeRDP Input Validation Flaw

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Mageia: MGASA-2022-0474 Moderate: FreeRDP Input Validation Flaw

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!