Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2024-32039
Vulnerability from cvelistv5
Published
2024-04-22 20:23
Modified
2025-02-13 17:52
Severity ?
EPSS score ?
Summary
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to integer overflow and out-of-bounds write. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use `/gfx` options (e.g. deactivate with `/bpp:32` or `/rfx` as it is on by default).
References
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "freerdp", vendor: "freerdp", versions: [ { lessThanOrEqual: "3.5.0", status: "affected", version: "3.0.0", versionType: "custom", }, { lessThan: "2.11`.6", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-32039", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-04-23T14:02:17.590334Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-26T14:58:59.987Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T02:06:42.839Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5h8-7j42-j4r9", tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5h8-7j42-j4r9", }, { name: "https://github.com/FreeRDP/FreeRDP/pull/10077", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/FreeRDP/FreeRDP/pull/10077", }, { name: "https://github.com/FreeRDP/FreeRDP/releases/tag/2.11.6", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/FreeRDP/FreeRDP/releases/tag/2.11.6", }, { name: "https://github.com/FreeRDP/FreeRDP/releases/tag/3.5.0", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/FreeRDP/FreeRDP/releases/tag/3.5.0", }, { tags: [ "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKI4UISUXYNBPN4K6TIQKDRTIJ6CDCKJ/", }, { tags: [ "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7SIS6NUNLUBOV4CPCSWKDE6T6C2W3WTR/", }, { tags: [ "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PX3U6YPZQ7PEJBVKSBUOLWVH7DHROHY5/", }, { tags: [ "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JL476WVJSIE7SBUKVJRVA6A52V2HOLZ/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "FreeRDP", vendor: "FreeRDP", versions: [ { status: "affected", version: ">= 3.0.0, 3.5.0", }, { status: "affected", version: "< 2.11.6", }, ], }, ], descriptions: [ { lang: "en", value: "FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to integer overflow and out-of-bounds write. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use `/gfx` options (e.g. deactivate with `/bpp:32` or `/rfx` as it is on by default).", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "CWE-190: Integer Overflow or Wraparound", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-10T16:09:59.115Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5h8-7j42-j4r9", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5h8-7j42-j4r9", }, { name: "https://github.com/FreeRDP/FreeRDP/pull/10077", tags: [ "x_refsource_MISC", ], url: "https://github.com/FreeRDP/FreeRDP/pull/10077", }, { name: "https://github.com/FreeRDP/FreeRDP/releases/tag/2.11.6", tags: [ "x_refsource_MISC", ], url: "https://github.com/FreeRDP/FreeRDP/releases/tag/2.11.6", }, { name: "https://github.com/FreeRDP/FreeRDP/releases/tag/3.5.0", tags: [ "x_refsource_MISC", ], url: "https://github.com/FreeRDP/FreeRDP/releases/tag/3.5.0", }, { url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKI4UISUXYNBPN4K6TIQKDRTIJ6CDCKJ/", }, { url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7SIS6NUNLUBOV4CPCSWKDE6T6C2W3WTR/", }, { url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PX3U6YPZQ7PEJBVKSBUOLWVH7DHROHY5/", }, { url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JL476WVJSIE7SBUKVJRVA6A52V2HOLZ/", }, ], source: { advisory: "GHSA-q5h8-7j42-j4r9", discovery: "UNKNOWN", }, title: "FreeRDP Integer overflow & OutOfBound Write in clear_decompress_residual_data", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2024-32039", datePublished: "2024-04-22T20:23:58.360Z", dateReserved: "2024-04-09T15:29:35.939Z", dateUpdated: "2025-02-13T17:52:06.380Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2024-32039\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-04-22T21:15:49.090\",\"lastModified\":\"2025-02-04T18:03:30.070\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to integer overflow and out-of-bounds write. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use `/gfx` options (e.g. deactivate with `/bpp:32` or `/rfx` as it is on by default).\"},{\"lang\":\"es\",\"value\":\"FreeRDP es una implementación gratuita del protocolo de escritorio remoto. Los clientes basados en FreeRDP que utilizan una versión de FreeRDP anterior a la 3.5.0 o 2.11.6 son vulnerables al desbordamiento de enteros y a la escritura fuera de los límites. Las versiones 3.5.0 y 2.11.6 solucionan el problema. Como workaround, no utilice las opciones `/gfx` (por ejemplo, desactívelas con `/bpp:32` o `/rfx`, ya que están activadas de forma predeterminada).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-190\"},{\"lang\":\"en\",\"value\":\"CWE-787\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-190\"},{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.11.6\",\"matchCriteriaId\":\"A06F0ED6-48DC-4E9B-9E9E-125F0CDA1713\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0.0\",\"versionEndExcluding\":\"3.5.0\",\"matchCriteriaId\":\"B6405F0F-2842-4B56-9497-B6134BD3BD32\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC559B26-5DFC-4B7A-A27C-B77DE755DFF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA277A6C-83EC-4536-9125-97B84C4FAF59\"}]}]}],\"references\":[{\"url\":\"https://github.com/FreeRDP/FreeRDP/pull/10077\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/FreeRDP/FreeRDP/releases/tag/2.11.6\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/FreeRDP/FreeRDP/releases/tag/3.5.0\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5h8-7j42-j4r9\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JL476WVJSIE7SBUKVJRVA6A52V2HOLZ/\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7SIS6NUNLUBOV4CPCSWKDE6T6C2W3WTR/\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PX3U6YPZQ7PEJBVKSBUOLWVH7DHROHY5/\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKI4UISUXYNBPN4K6TIQKDRTIJ6CDCKJ/\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/FreeRDP/FreeRDP/pull/10077\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://github.com/FreeRDP/FreeRDP/releases/tag/2.11.6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/FreeRDP/FreeRDP/releases/tag/3.5.0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5h8-7j42-j4r9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JL476WVJSIE7SBUKVJRVA6A52V2HOLZ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7SIS6NUNLUBOV4CPCSWKDE6T6C2W3WTR/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PX3U6YPZQ7PEJBVKSBUOLWVH7DHROHY5/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKI4UISUXYNBPN4K6TIQKDRTIJ6CDCKJ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}", vulnrichment: { containers: "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5h8-7j42-j4r9\", \"name\": \"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5h8-7j42-j4r9\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://github.com/FreeRDP/FreeRDP/pull/10077\", \"name\": \"https://github.com/FreeRDP/FreeRDP/pull/10077\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/FreeRDP/FreeRDP/releases/tag/2.11.6\", \"name\": \"https://github.com/FreeRDP/FreeRDP/releases/tag/2.11.6\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/FreeRDP/FreeRDP/releases/tag/3.5.0\", \"name\": \"https://github.com/FreeRDP/FreeRDP/releases/tag/3.5.0\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKI4UISUXYNBPN4K6TIQKDRTIJ6CDCKJ/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7SIS6NUNLUBOV4CPCSWKDE6T6C2W3WTR/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PX3U6YPZQ7PEJBVKSBUOLWVH7DHROHY5/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JL476WVJSIE7SBUKVJRVA6A52V2HOLZ/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T02:06:42.839Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-32039\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-04-23T14:02:17.590334Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:*\"], \"vendor\": \"freerdp\", \"product\": \"freerdp\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"3.5.0\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"2.11`.6\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-04-23T14:01:19.859Z\"}}], \"cna\": {\"title\": \"FreeRDP Integer overflow & OutOfBound Write in clear_decompress_residual_data\", \"source\": {\"advisory\": \"GHSA-q5h8-7j42-j4r9\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"FreeRDP\", \"product\": \"FreeRDP\", \"versions\": [{\"status\": \"affected\", \"version\": \">= 3.0.0, 3.5.0\"}, {\"status\": \"affected\", \"version\": \"< 2.11.6\"}]}], \"references\": [{\"url\": \"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5h8-7j42-j4r9\", \"name\": \"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5h8-7j42-j4r9\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/FreeRDP/FreeRDP/pull/10077\", \"name\": \"https://github.com/FreeRDP/FreeRDP/pull/10077\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/FreeRDP/FreeRDP/releases/tag/2.11.6\", \"name\": \"https://github.com/FreeRDP/FreeRDP/releases/tag/2.11.6\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/FreeRDP/FreeRDP/releases/tag/3.5.0\", \"name\": \"https://github.com/FreeRDP/FreeRDP/releases/tag/3.5.0\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKI4UISUXYNBPN4K6TIQKDRTIJ6CDCKJ/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7SIS6NUNLUBOV4CPCSWKDE6T6C2W3WTR/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PX3U6YPZQ7PEJBVKSBUOLWVH7DHROHY5/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JL476WVJSIE7SBUKVJRVA6A52V2HOLZ/\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to integer overflow and out-of-bounds write. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use `/gfx` options (e.g. deactivate with `/bpp:32` or `/rfx` as it is on by default).\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-190\", \"description\": \"CWE-190: Integer Overflow or Wraparound\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"CWE-787: Out-of-bounds Write\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-06-10T16:09:59.115Z\"}}}", cveMetadata: "{\"cveId\": \"CVE-2024-32039\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-13T17:52:06.380Z\", \"dateReserved\": \"2024-04-09T15:29:35.939Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-04-22T20:23:58.360Z\", \"assignerShortName\": \"GitHub_M\"}", dataType: "CVE_RECORD", dataVersion: "5.1", }, }, }
rhsa-2024_9092
Vulnerability from csaf_redhat
Published
2024-11-12 09:36
Modified
2024-11-24 14:15
Summary
Red Hat Security Advisory: freerdp security update
Notes
Topic
An update for freerdp is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.
Security Fix(es):
* freerdp: Integer Overflow leading to Heap Overflow in freerdp_bitmap_planar_context_reset (CVE-2024-22211)
* freerdp: out-of-bounds read in ncrush_decompress (CVE-2024-32459)
* freerdp: OutOfBound Read in interleaved_decompress (CVE-2024-32460)
* freerdp: Integer overflow & OutOfBound Write in clear_decompress_residual_data (CVE-2024-32039)
* freerdp: integer underflow in nsc_rle_decode (CVE-2024-32040)
* freerdp: OutOfBound Read in zgfx_decompress_segment (CVE-2024-32041)
* freerdp: OutOfBound Read in planar_skip_plane_rle (CVE-2024-32458)
* freerdp: out-of-bounds read (CVE-2024-32662)
* FreeRDP: ExtractRunLengthRegular* out of bound read (CVE-2024-32658)
* freerdp: zgfx_decompress out of memory (CVE-2024-32660)
* freerdp: freerdp_image_copy out of bound read (CVE-2024-32659)
* freerdp: rdp_write_logon_info_v1 NULL access (CVE-2024-32661)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.5 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for freerdp is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.\n\nSecurity Fix(es):\n\n* freerdp: Integer Overflow leading to Heap Overflow in freerdp_bitmap_planar_context_reset (CVE-2024-22211)\n\n* freerdp: out-of-bounds read in ncrush_decompress (CVE-2024-32459)\n\n* freerdp: OutOfBound Read in interleaved_decompress (CVE-2024-32460)\n\n* freerdp: Integer overflow & OutOfBound Write in clear_decompress_residual_data (CVE-2024-32039)\n\n* freerdp: integer underflow in nsc_rle_decode (CVE-2024-32040)\n\n* freerdp: OutOfBound Read in zgfx_decompress_segment (CVE-2024-32041)\n\n* freerdp: OutOfBound Read in planar_skip_plane_rle (CVE-2024-32458)\n\n* freerdp: out-of-bounds read (CVE-2024-32662)\n\n* FreeRDP: ExtractRunLengthRegular* out of bound read (CVE-2024-32658)\n\n* freerdp: zgfx_decompress out of memory (CVE-2024-32660)\n\n* freerdp: freerdp_image_copy out of bound read (CVE-2024-32659)\n\n* freerdp: rdp_write_logon_info_v1 NULL access (CVE-2024-32661)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 9.5 Release Notes linked from the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:9092", url: "https://access.redhat.com/errata/RHSA-2024:9092", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.5_release_notes/index", url: "https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.5_release_notes/index", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "2259483", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2259483", }, { category: "external", summary: "2276721", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276721", }, { category: "external", summary: "2276722", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276722", }, { category: "external", summary: "2276723", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276723", }, { category: "external", summary: "2276724", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276724", }, { category: "external", summary: "2276725", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276725", }, { category: "external", summary: "2276726", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276726", }, { category: "external", summary: "2276804", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276804", }, { category: "external", summary: "2276961", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276961", }, { category: "external", summary: "2276968", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276968", }, { category: "external", summary: "2276970", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276970", }, { category: "external", summary: "2276971", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276971", }, { category: "external", summary: "RHEL-33988", url: "https://issues.redhat.com/browse/RHEL-33988", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9092.json", }, ], title: "Red Hat Security Advisory: freerdp security update", tracking: { current_release_date: "2024-11-24T14:15:37+00:00", generator: { date: "2024-11-24T14:15:37+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2024:9092", initial_release_date: "2024-11-12T09:36:13+00:00", revision_history: [ { date: "2024-11-12T09:36:13+00:00", number: "1", summary: "Initial version", }, { date: "2024-11-12T09:36:13+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-24T14:15:37+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 9)", product: { name: "Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:9::appstream", }, }, }, { category: "product_name", name: "Red Hat CodeReady Linux Builder (v. 9)", product: { name: "Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:9::crb", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "freerdp-devel-2:2.11.7-1.el9.aarch64", product: { name: "freerdp-devel-2:2.11.7-1.el9.aarch64", product_id: "freerdp-devel-2:2.11.7-1.el9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-devel@2.11.7-1.el9?arch=aarch64&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-devel-2:2.11.7-1.el9.aarch64", product: { name: "libwinpr-devel-2:2.11.7-1.el9.aarch64", product_id: "libwinpr-devel-2:2.11.7-1.el9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-devel@2.11.7-1.el9?arch=aarch64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debugsource-2:2.11.7-1.el9.aarch64", product: { name: "freerdp-debugsource-2:2.11.7-1.el9.aarch64", product_id: "freerdp-debugsource-2:2.11.7-1.el9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debugsource@2.11.7-1.el9?arch=aarch64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debuginfo-2:2.11.7-1.el9.aarch64", product: { name: "freerdp-debuginfo-2:2.11.7-1.el9.aarch64", product_id: "freerdp-debuginfo-2:2.11.7-1.el9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-1.el9?arch=aarch64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", product: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", product_id: "freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-1.el9?arch=aarch64&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", product: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", product_id: "libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-1.el9?arch=aarch64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-2:2.11.7-1.el9.aarch64", product: { name: "freerdp-2:2.11.7-1.el9.aarch64", product_id: "freerdp-2:2.11.7-1.el9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp@2.11.7-1.el9?arch=aarch64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-2:2.11.7-1.el9.aarch64", product: { name: "freerdp-libs-2:2.11.7-1.el9.aarch64", product_id: "freerdp-libs-2:2.11.7-1.el9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs@2.11.7-1.el9?arch=aarch64&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-2:2.11.7-1.el9.aarch64", product: { name: "libwinpr-2:2.11.7-1.el9.aarch64", product_id: "libwinpr-2:2.11.7-1.el9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr@2.11.7-1.el9?arch=aarch64&epoch=2", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "freerdp-devel-2:2.11.7-1.el9.ppc64le", product: { name: "freerdp-devel-2:2.11.7-1.el9.ppc64le", product_id: "freerdp-devel-2:2.11.7-1.el9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-devel@2.11.7-1.el9?arch=ppc64le&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-devel-2:2.11.7-1.el9.ppc64le", product: { name: "libwinpr-devel-2:2.11.7-1.el9.ppc64le", product_id: "libwinpr-devel-2:2.11.7-1.el9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-devel@2.11.7-1.el9?arch=ppc64le&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debugsource-2:2.11.7-1.el9.ppc64le", product: { name: "freerdp-debugsource-2:2.11.7-1.el9.ppc64le", product_id: "freerdp-debugsource-2:2.11.7-1.el9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debugsource@2.11.7-1.el9?arch=ppc64le&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", product: { name: "freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", product_id: "freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-1.el9?arch=ppc64le&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", product: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", product_id: "freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-1.el9?arch=ppc64le&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", product: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", product_id: "libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-1.el9?arch=ppc64le&epoch=2", }, }, }, { category: "product_version", name: "freerdp-2:2.11.7-1.el9.ppc64le", product: { name: "freerdp-2:2.11.7-1.el9.ppc64le", product_id: "freerdp-2:2.11.7-1.el9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp@2.11.7-1.el9?arch=ppc64le&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-2:2.11.7-1.el9.ppc64le", product: { name: "freerdp-libs-2:2.11.7-1.el9.ppc64le", product_id: "freerdp-libs-2:2.11.7-1.el9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs@2.11.7-1.el9?arch=ppc64le&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-2:2.11.7-1.el9.ppc64le", product: { name: "libwinpr-2:2.11.7-1.el9.ppc64le", product_id: "libwinpr-2:2.11.7-1.el9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr@2.11.7-1.el9?arch=ppc64le&epoch=2", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "freerdp-devel-2:2.11.7-1.el9.i686", product: { name: "freerdp-devel-2:2.11.7-1.el9.i686", product_id: "freerdp-devel-2:2.11.7-1.el9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-devel@2.11.7-1.el9?arch=i686&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-devel-2:2.11.7-1.el9.i686", product: { name: "libwinpr-devel-2:2.11.7-1.el9.i686", product_id: "libwinpr-devel-2:2.11.7-1.el9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-devel@2.11.7-1.el9?arch=i686&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debugsource-2:2.11.7-1.el9.i686", product: { name: "freerdp-debugsource-2:2.11.7-1.el9.i686", product_id: "freerdp-debugsource-2:2.11.7-1.el9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debugsource@2.11.7-1.el9?arch=i686&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debuginfo-2:2.11.7-1.el9.i686", product: { name: "freerdp-debuginfo-2:2.11.7-1.el9.i686", product_id: "freerdp-debuginfo-2:2.11.7-1.el9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-1.el9?arch=i686&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", product: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", product_id: "freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-1.el9?arch=i686&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-debuginfo-2:2.11.7-1.el9.i686", product: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.i686", product_id: "libwinpr-debuginfo-2:2.11.7-1.el9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-1.el9?arch=i686&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-2:2.11.7-1.el9.i686", product: { name: "freerdp-libs-2:2.11.7-1.el9.i686", product_id: "freerdp-libs-2:2.11.7-1.el9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs@2.11.7-1.el9?arch=i686&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-2:2.11.7-1.el9.i686", product: { name: "libwinpr-2:2.11.7-1.el9.i686", product_id: "libwinpr-2:2.11.7-1.el9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr@2.11.7-1.el9?arch=i686&epoch=2", }, }, }, ], category: "architecture", name: "i686", }, { branches: [ { category: "product_version", name: "freerdp-devel-2:2.11.7-1.el9.x86_64", product: { name: "freerdp-devel-2:2.11.7-1.el9.x86_64", product_id: "freerdp-devel-2:2.11.7-1.el9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-devel@2.11.7-1.el9?arch=x86_64&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-devel-2:2.11.7-1.el9.x86_64", product: { name: "libwinpr-devel-2:2.11.7-1.el9.x86_64", product_id: "libwinpr-devel-2:2.11.7-1.el9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-devel@2.11.7-1.el9?arch=x86_64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debugsource-2:2.11.7-1.el9.x86_64", product: { name: "freerdp-debugsource-2:2.11.7-1.el9.x86_64", product_id: "freerdp-debugsource-2:2.11.7-1.el9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debugsource@2.11.7-1.el9?arch=x86_64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debuginfo-2:2.11.7-1.el9.x86_64", product: { name: "freerdp-debuginfo-2:2.11.7-1.el9.x86_64", product_id: "freerdp-debuginfo-2:2.11.7-1.el9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-1.el9?arch=x86_64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", product: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", product_id: "freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-1.el9?arch=x86_64&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", product: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", product_id: "libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-1.el9?arch=x86_64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-2:2.11.7-1.el9.x86_64", product: { name: "freerdp-2:2.11.7-1.el9.x86_64", product_id: "freerdp-2:2.11.7-1.el9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp@2.11.7-1.el9?arch=x86_64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-2:2.11.7-1.el9.x86_64", product: { name: "freerdp-libs-2:2.11.7-1.el9.x86_64", product_id: "freerdp-libs-2:2.11.7-1.el9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs@2.11.7-1.el9?arch=x86_64&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-2:2.11.7-1.el9.x86_64", product: { name: "libwinpr-2:2.11.7-1.el9.x86_64", product_id: "libwinpr-2:2.11.7-1.el9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr@2.11.7-1.el9?arch=x86_64&epoch=2", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "freerdp-devel-2:2.11.7-1.el9.s390x", product: { name: "freerdp-devel-2:2.11.7-1.el9.s390x", product_id: "freerdp-devel-2:2.11.7-1.el9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-devel@2.11.7-1.el9?arch=s390x&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-devel-2:2.11.7-1.el9.s390x", product: { name: "libwinpr-devel-2:2.11.7-1.el9.s390x", product_id: "libwinpr-devel-2:2.11.7-1.el9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-devel@2.11.7-1.el9?arch=s390x&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debugsource-2:2.11.7-1.el9.s390x", product: { name: "freerdp-debugsource-2:2.11.7-1.el9.s390x", product_id: "freerdp-debugsource-2:2.11.7-1.el9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debugsource@2.11.7-1.el9?arch=s390x&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debuginfo-2:2.11.7-1.el9.s390x", product: { name: "freerdp-debuginfo-2:2.11.7-1.el9.s390x", product_id: "freerdp-debuginfo-2:2.11.7-1.el9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-1.el9?arch=s390x&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", product: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", product_id: "freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-1.el9?arch=s390x&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-debuginfo-2:2.11.7-1.el9.s390x", product: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.s390x", product_id: "libwinpr-debuginfo-2:2.11.7-1.el9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-1.el9?arch=s390x&epoch=2", }, }, }, { category: "product_version", name: "freerdp-2:2.11.7-1.el9.s390x", product: { name: "freerdp-2:2.11.7-1.el9.s390x", product_id: "freerdp-2:2.11.7-1.el9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp@2.11.7-1.el9?arch=s390x&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-2:2.11.7-1.el9.s390x", product: { name: "freerdp-libs-2:2.11.7-1.el9.s390x", product_id: "freerdp-libs-2:2.11.7-1.el9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs@2.11.7-1.el9?arch=s390x&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-2:2.11.7-1.el9.s390x", product: { name: "libwinpr-2:2.11.7-1.el9.s390x", product_id: "libwinpr-2:2.11.7-1.el9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr@2.11.7-1.el9?arch=s390x&epoch=2", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "freerdp-2:2.11.7-1.el9.src", product: { name: "freerdp-2:2.11.7-1.el9.src", product_id: "freerdp-2:2.11.7-1.el9.src", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp@2.11.7-1.el9?arch=src&epoch=2", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-2:2.11.7-1.el9.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.src as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", }, product_reference: "freerdp-2:2.11.7-1.el9.src", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", }, product_reference: "libwinpr-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", }, product_reference: "libwinpr-2:2.11.7-1.el9.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", }, product_reference: "libwinpr-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", }, product_reference: "libwinpr-2:2.11.7-1.el9.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", }, product_reference: "libwinpr-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-2:2.11.7-1.el9.s390x", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.src as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", }, product_reference: "freerdp-2:2.11.7-1.el9.src", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.i686", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.s390x", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.i686", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.s390x", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.i686", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.s390x", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.i686", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.s390x", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", }, product_reference: "libwinpr-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", }, product_reference: "libwinpr-2:2.11.7-1.el9.i686", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", }, product_reference: "libwinpr-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", }, product_reference: "libwinpr-2:2.11.7-1.el9.s390x", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", }, product_reference: "libwinpr-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.i686", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.s390x", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.i686", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.s390x", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "CRB-9.5.0.GA", }, ], }, vulnerabilities: [ { cve: "CVE-2024-22211", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2024-01-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2259483", }, ], notes: [ { category: "description", text: "FreeRDP is a collection of remote desktop protocol library and client software that is both free and open source. An integer overflow within freerdp_bitmap_planar_context_reset results in a heap-buffer overflow. This impacts clients built on FreeRDP. However, server implementations and proxies based on FreeRDP are unaffected. A malevolent server could create a RDPGFX_RESET_GRAPHICS_PDU to allocate buffers that are too small, potentially causing subsequent out-of-bounds reads/writes. It's important to note that data extraction over the network is not feasible; these buffers are utilized solely for displaying images.", title: "Vulnerability description", }, { category: "summary", text: "freerdp: Integer Overflow leading to Heap Overflow in freerdp_bitmap_planar_context_reset", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability in FreeRDP, resulting from an integer overflow in certain versions, poses a low severity risk due to several mitigating factors. Firstly, it primarily affects FreeRDP-based clients, while server implementations and proxies remain unaffected. Additionally, the potential for exploitation is limited as it requires interaction with a malicious server, and data extraction over the network is not feasible; the vulnerability pertains solely to image display buffers.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-22211", }, { category: "external", summary: "RHBZ#2259483", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2259483", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-22211", url: "https://www.cve.org/CVERecord?id=CVE-2024-22211", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-22211", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-22211", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/commit/939e922936e9c3ae8fc204968645e5e7563a2fff", url: "https://github.com/FreeRDP/FreeRDP/commit/939e922936e9c3ae8fc204968645e5e7563a2fff", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/commit/aeac3040cc99eeaff1e1171a822114c857b9dca9", url: "https://github.com/FreeRDP/FreeRDP/commit/aeac3040cc99eeaff1e1171a822114c857b9dca9", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rjhp-44rv-7v59", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rjhp-44rv-7v59", }, ], release_date: "2024-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:L", version: "3.1", }, products: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "freerdp: Integer Overflow leading to Heap Overflow in freerdp_bitmap_planar_context_reset", }, { cve: "CVE-2024-32039", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, discovery_date: "2024-04-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276723", }, ], notes: [ { category: "description", text: "A flaw was found in FreeRDP-based clients. Affected versions of FreeRDP are vulnerable to an integer overflow and out-of-bounds write. This issue occurs when the sum of the `runLengthFactor` and `pixelIndex` values become large enough to overflow the uint32 type and bypass an error check when clearing residual data.", title: "Vulnerability description", }, { category: "summary", text: "freerdp: Integer overflow & OutOfBound Write in clear_decompress_residual_data", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32039", }, { category: "external", summary: "RHBZ#2276723", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276723", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32039", url: "https://www.cve.org/CVERecord?id=CVE-2024-32039", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32039", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32039", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5h8-7j42-j4r9", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5h8-7j42-j4r9", }, ], release_date: "2024-04-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "freerdp: Integer overflow & OutOfBound Write in clear_decompress_residual_data", }, { cve: "CVE-2024-32040", cwe: { id: "CWE-191", name: "Integer Underflow (Wrap or Wraparound)", }, discovery_date: "2024-04-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276724", }, ], notes: [ { category: "description", text: "FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 and have connections to servers using the `NSC` codec are vulnerable to integer underflow. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use the NSC codec (e.g. use `-nsc`).", title: "Vulnerability description", }, { category: "summary", text: "freerdp: integer underflow in nsc_rle_decode", title: "Vulnerability summary", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32040", }, { category: "external", summary: "RHBZ#2276724", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276724", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32040", url: "https://www.cve.org/CVERecord?id=CVE-2024-32040", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32040", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32040", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-23c5-cp23-h2h5", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-23c5-cp23-h2h5", }, ], release_date: "2024-04-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "freerdp: integer underflow in nsc_rle_decode", }, { cve: "CVE-2024-32041", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-04-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276725", }, ], notes: [ { category: "description", text: "FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, deactivate `/gfx` (on by default, set `/bpp` or `/rfx` options instead.", title: "Vulnerability description", }, { category: "summary", text: "freerdp: OutOfBound Read in zgfx_decompress_segment", title: "Vulnerability summary", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32041", }, { category: "external", summary: "RHBZ#2276725", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276725", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32041", url: "https://www.cve.org/CVERecord?id=CVE-2024-32041", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32041", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32041", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-5r4p-mfx2-m44r", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-5r4p-mfx2-m44r", }, ], release_date: "2024-04-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "freerdp: OutOfBound Read in zgfx_decompress_segment", }, { cve: "CVE-2024-32458", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-04-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276726", }, ], notes: [ { category: "description", text: "FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use `/gfx` or `/rfx` modes (on by default, require server side support).", title: "Vulnerability description", }, { category: "summary", text: "freerdp: OutOfBound Read in planar_skip_plane_rle", title: "Vulnerability summary", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32458", }, { category: "external", summary: "RHBZ#2276726", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276726", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32458", url: "https://www.cve.org/CVERecord?id=CVE-2024-32458", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32458", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32458", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vvr6-h646-mp4p", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vvr6-h646-mp4p", }, ], release_date: "2024-04-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "freerdp: OutOfBound Read in planar_skip_plane_rle", }, { cve: "CVE-2024-32459", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-04-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276721", }, ], notes: [ { category: "description", text: "FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients and servers that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. No known workarounds are available.", title: "Vulnerability description", }, { category: "summary", text: "freerdp: out-of-bounds read in ncrush_decompress", title: "Vulnerability summary", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32459", }, { category: "external", summary: "RHBZ#2276721", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276721", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32459", url: "https://www.cve.org/CVERecord?id=CVE-2024-32459", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32459", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32459", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-cp4q-p737-rmw9", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-cp4q-p737-rmw9", }, ], release_date: "2024-04-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "freerdp: out-of-bounds read in ncrush_decompress", }, { cve: "CVE-2024-32460", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-04-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276722", }, ], notes: [ { category: "description", text: "FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based based clients using `/bpp:32` legacy `GDI` drawing path with a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use modern drawing paths (e.g. `/rfx` or `/gfx` options). The workaround requires server side support.", title: "Vulnerability description", }, { category: "summary", text: "freerdp: OutOfBound Read in interleaved_decompress", title: "Vulnerability summary", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32460", }, { category: "external", summary: "RHBZ#2276722", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276722", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32460", url: "https://www.cve.org/CVERecord?id=CVE-2024-32460", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32460", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32460", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4rr8-gr65-vqrr", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4rr8-gr65-vqrr", }, ], release_date: "2024-04-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "freerdp: OutOfBound Read in interleaved_decompress", }, { cve: "CVE-2024-32658", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-04-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276961", }, ], notes: [ { category: "description", text: "FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read. Version 3.5.1 contains a patch for the issue. No known workarounds are available.", title: "Vulnerability description", }, { category: "summary", text: "FreeRDP: ExtractRunLengthRegular* out of bound read", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32658", }, { category: "external", summary: "RHBZ#2276961", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276961", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32658", url: "https://www.cve.org/CVERecord?id=CVE-2024-32658", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32658", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32658", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vpv3-m3m9-4c2v", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vpv3-m3m9-4c2v", }, ], release_date: "2024-04-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "FreeRDP: ExtractRunLengthRegular* out of bound read", }, { cve: "CVE-2024-32659", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-04-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276970", }, ], notes: [ { category: "description", text: "FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read if `((nWidth == 0) and (nHeight == 0))`. Version 3.5.1 contains a patch for the issue. No known workarounds are available.", title: "Vulnerability description", }, { category: "summary", text: "freerdp: freerdp_image_copy out of bound read", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32659", }, { category: "external", summary: "RHBZ#2276970", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276970", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32659", url: "https://www.cve.org/CVERecord?id=CVE-2024-32659", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32659", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32659", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-8jgr-7r33-x87w", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-8jgr-7r33-x87w", }, ], release_date: "2024-04-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "freerdp: freerdp_image_copy out of bound read", }, { cve: "CVE-2024-32660", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2024-04-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276968", }, ], notes: [ { category: "description", text: "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.5.1, a malicious server can crash the FreeRDP client by sending invalid huge allocation size. Version 3.5.1 contains a patch for the issue. No known workarounds are available.", title: "Vulnerability description", }, { category: "summary", text: "freerdp: zgfx_decompress out of memory", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32660", }, { category: "external", summary: "RHBZ#2276968", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276968", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32660", url: "https://www.cve.org/CVERecord?id=CVE-2024-32660", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32660", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32660", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mxv6-2cw6-m3mx", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mxv6-2cw6-m3mx", }, ], release_date: "2024-04-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "freerdp: zgfx_decompress out of memory", }, { cve: "CVE-2024-32661", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-04-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276971", }, ], notes: [ { category: "description", text: "FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to a possible `NULL` access and crash. Version 3.5.1 contains a patch for the issue. No known workarounds are available.", title: "Vulnerability description", }, { category: "summary", text: "freerdp: rdp_write_logon_info_v1 NULL access", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32661", }, { category: "external", summary: "RHBZ#2276971", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276971", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32661", url: "https://www.cve.org/CVERecord?id=CVE-2024-32661", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32661", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32661", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-p5m5-342g-pv9m", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-p5m5-342g-pv9m", }, ], release_date: "2024-04-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "freerdp: rdp_write_logon_info_v1 NULL access", }, { cve: "CVE-2024-32662", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-04-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276804", }, ], notes: [ { category: "description", text: "A flaw was found in FreeRDP-based clients. Affected versions of FreeRDP are vulnerable to an out-of-bounds read. This issue occurs when the `WCHAR` string is read with twice the size it has and converted to `UTF-8`, `base64` decoded. The string is only used to compare against the redirection server certificate.", title: "Vulnerability description", }, { category: "summary", text: "freerdp: out-of-bounds read", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32662", }, { category: "external", summary: "RHBZ#2276804", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276804", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32662", url: "https://www.cve.org/CVERecord?id=CVE-2024-32662", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32662", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32662", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vffh-j6hh-95f4", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vffh-j6hh-95f4", }, ], release_date: "2024-04-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "freerdp: out-of-bounds read", }, ], }
rhsa-2024:9092
Vulnerability from csaf_redhat
Published
2024-11-12 09:36
Modified
2025-03-26 10:58
Summary
Red Hat Security Advisory: freerdp security update
Notes
Topic
An update for freerdp is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.
Security Fix(es):
* freerdp: Integer Overflow leading to Heap Overflow in freerdp_bitmap_planar_context_reset (CVE-2024-22211)
* freerdp: out-of-bounds read in ncrush_decompress (CVE-2024-32459)
* freerdp: OutOfBound Read in interleaved_decompress (CVE-2024-32460)
* freerdp: Integer overflow & OutOfBound Write in clear_decompress_residual_data (CVE-2024-32039)
* freerdp: integer underflow in nsc_rle_decode (CVE-2024-32040)
* freerdp: OutOfBound Read in zgfx_decompress_segment (CVE-2024-32041)
* freerdp: OutOfBound Read in planar_skip_plane_rle (CVE-2024-32458)
* freerdp: out-of-bounds read (CVE-2024-32662)
* FreeRDP: ExtractRunLengthRegular* out of bound read (CVE-2024-32658)
* freerdp: zgfx_decompress out of memory (CVE-2024-32660)
* freerdp: freerdp_image_copy out of bound read (CVE-2024-32659)
* freerdp: rdp_write_logon_info_v1 NULL access (CVE-2024-32661)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.5 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for freerdp is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.\n\nSecurity Fix(es):\n\n* freerdp: Integer Overflow leading to Heap Overflow in freerdp_bitmap_planar_context_reset (CVE-2024-22211)\n\n* freerdp: out-of-bounds read in ncrush_decompress (CVE-2024-32459)\n\n* freerdp: OutOfBound Read in interleaved_decompress (CVE-2024-32460)\n\n* freerdp: Integer overflow & OutOfBound Write in clear_decompress_residual_data (CVE-2024-32039)\n\n* freerdp: integer underflow in nsc_rle_decode (CVE-2024-32040)\n\n* freerdp: OutOfBound Read in zgfx_decompress_segment (CVE-2024-32041)\n\n* freerdp: OutOfBound Read in planar_skip_plane_rle (CVE-2024-32458)\n\n* freerdp: out-of-bounds read (CVE-2024-32662)\n\n* FreeRDP: ExtractRunLengthRegular* out of bound read (CVE-2024-32658)\n\n* freerdp: zgfx_decompress out of memory (CVE-2024-32660)\n\n* freerdp: freerdp_image_copy out of bound read (CVE-2024-32659)\n\n* freerdp: rdp_write_logon_info_v1 NULL access (CVE-2024-32661)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 9.5 Release Notes linked from the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:9092", url: "https://access.redhat.com/errata/RHSA-2024:9092", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.5_release_notes/index", url: "https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.5_release_notes/index", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "2259483", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2259483", }, { category: "external", summary: "2276721", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276721", }, { category: "external", summary: "2276722", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276722", }, { category: "external", summary: "2276723", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276723", }, { category: "external", summary: "2276724", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276724", }, { category: "external", summary: "2276725", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276725", }, { category: "external", summary: "2276726", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276726", }, { category: "external", summary: "2276804", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276804", }, { category: "external", summary: "2276961", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276961", }, { category: "external", summary: "2276968", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276968", }, { category: "external", summary: "2276970", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276970", }, { category: "external", summary: "2276971", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276971", }, { category: "external", summary: "RHEL-33988", url: "https://issues.redhat.com/browse/RHEL-33988", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9092.json", }, ], title: "Red Hat Security Advisory: freerdp security update", tracking: { current_release_date: "2025-03-26T10:58:06+00:00", generator: { date: "2025-03-26T10:58:06+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2024:9092", initial_release_date: "2024-11-12T09:36:13+00:00", revision_history: [ { date: "2024-11-12T09:36:13+00:00", number: "1", summary: "Initial version", }, { date: "2024-11-12T09:36:13+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-26T10:58:06+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 9)", product: { name: "Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:9::appstream", }, }, }, { category: "product_name", name: "Red Hat CodeReady Linux Builder (v. 9)", product: { name: "Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:9::crb", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "freerdp-devel-2:2.11.7-1.el9.aarch64", product: { name: "freerdp-devel-2:2.11.7-1.el9.aarch64", product_id: "freerdp-devel-2:2.11.7-1.el9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-devel@2.11.7-1.el9?arch=aarch64&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-devel-2:2.11.7-1.el9.aarch64", product: { name: "libwinpr-devel-2:2.11.7-1.el9.aarch64", product_id: "libwinpr-devel-2:2.11.7-1.el9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-devel@2.11.7-1.el9?arch=aarch64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debugsource-2:2.11.7-1.el9.aarch64", product: { name: "freerdp-debugsource-2:2.11.7-1.el9.aarch64", product_id: "freerdp-debugsource-2:2.11.7-1.el9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debugsource@2.11.7-1.el9?arch=aarch64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debuginfo-2:2.11.7-1.el9.aarch64", product: { name: "freerdp-debuginfo-2:2.11.7-1.el9.aarch64", product_id: "freerdp-debuginfo-2:2.11.7-1.el9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-1.el9?arch=aarch64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", product: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", product_id: "freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-1.el9?arch=aarch64&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", product: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", product_id: "libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-1.el9?arch=aarch64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-2:2.11.7-1.el9.aarch64", product: { name: "freerdp-2:2.11.7-1.el9.aarch64", product_id: "freerdp-2:2.11.7-1.el9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp@2.11.7-1.el9?arch=aarch64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-2:2.11.7-1.el9.aarch64", product: { name: "freerdp-libs-2:2.11.7-1.el9.aarch64", product_id: "freerdp-libs-2:2.11.7-1.el9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs@2.11.7-1.el9?arch=aarch64&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-2:2.11.7-1.el9.aarch64", product: { name: "libwinpr-2:2.11.7-1.el9.aarch64", product_id: "libwinpr-2:2.11.7-1.el9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr@2.11.7-1.el9?arch=aarch64&epoch=2", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "freerdp-devel-2:2.11.7-1.el9.ppc64le", product: { name: "freerdp-devel-2:2.11.7-1.el9.ppc64le", product_id: "freerdp-devel-2:2.11.7-1.el9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-devel@2.11.7-1.el9?arch=ppc64le&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-devel-2:2.11.7-1.el9.ppc64le", product: { name: "libwinpr-devel-2:2.11.7-1.el9.ppc64le", product_id: "libwinpr-devel-2:2.11.7-1.el9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-devel@2.11.7-1.el9?arch=ppc64le&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debugsource-2:2.11.7-1.el9.ppc64le", product: { name: "freerdp-debugsource-2:2.11.7-1.el9.ppc64le", product_id: "freerdp-debugsource-2:2.11.7-1.el9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debugsource@2.11.7-1.el9?arch=ppc64le&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", product: { name: "freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", product_id: "freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-1.el9?arch=ppc64le&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", product: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", product_id: "freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-1.el9?arch=ppc64le&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", product: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", product_id: "libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-1.el9?arch=ppc64le&epoch=2", }, }, }, { category: "product_version", name: "freerdp-2:2.11.7-1.el9.ppc64le", product: { name: "freerdp-2:2.11.7-1.el9.ppc64le", product_id: "freerdp-2:2.11.7-1.el9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp@2.11.7-1.el9?arch=ppc64le&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-2:2.11.7-1.el9.ppc64le", product: { name: "freerdp-libs-2:2.11.7-1.el9.ppc64le", product_id: "freerdp-libs-2:2.11.7-1.el9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs@2.11.7-1.el9?arch=ppc64le&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-2:2.11.7-1.el9.ppc64le", product: { name: "libwinpr-2:2.11.7-1.el9.ppc64le", product_id: "libwinpr-2:2.11.7-1.el9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr@2.11.7-1.el9?arch=ppc64le&epoch=2", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "freerdp-devel-2:2.11.7-1.el9.i686", product: { name: "freerdp-devel-2:2.11.7-1.el9.i686", product_id: "freerdp-devel-2:2.11.7-1.el9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-devel@2.11.7-1.el9?arch=i686&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-devel-2:2.11.7-1.el9.i686", product: { name: "libwinpr-devel-2:2.11.7-1.el9.i686", product_id: "libwinpr-devel-2:2.11.7-1.el9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-devel@2.11.7-1.el9?arch=i686&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debugsource-2:2.11.7-1.el9.i686", product: { name: "freerdp-debugsource-2:2.11.7-1.el9.i686", product_id: "freerdp-debugsource-2:2.11.7-1.el9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debugsource@2.11.7-1.el9?arch=i686&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debuginfo-2:2.11.7-1.el9.i686", product: { name: "freerdp-debuginfo-2:2.11.7-1.el9.i686", product_id: "freerdp-debuginfo-2:2.11.7-1.el9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-1.el9?arch=i686&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", product: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", product_id: "freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-1.el9?arch=i686&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-debuginfo-2:2.11.7-1.el9.i686", product: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.i686", product_id: "libwinpr-debuginfo-2:2.11.7-1.el9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-1.el9?arch=i686&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-2:2.11.7-1.el9.i686", product: { name: "freerdp-libs-2:2.11.7-1.el9.i686", product_id: "freerdp-libs-2:2.11.7-1.el9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs@2.11.7-1.el9?arch=i686&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-2:2.11.7-1.el9.i686", product: { name: "libwinpr-2:2.11.7-1.el9.i686", product_id: "libwinpr-2:2.11.7-1.el9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr@2.11.7-1.el9?arch=i686&epoch=2", }, }, }, ], category: "architecture", name: "i686", }, { branches: [ { category: "product_version", name: "freerdp-devel-2:2.11.7-1.el9.x86_64", product: { name: "freerdp-devel-2:2.11.7-1.el9.x86_64", product_id: "freerdp-devel-2:2.11.7-1.el9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-devel@2.11.7-1.el9?arch=x86_64&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-devel-2:2.11.7-1.el9.x86_64", product: { name: "libwinpr-devel-2:2.11.7-1.el9.x86_64", product_id: "libwinpr-devel-2:2.11.7-1.el9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-devel@2.11.7-1.el9?arch=x86_64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debugsource-2:2.11.7-1.el9.x86_64", product: { name: "freerdp-debugsource-2:2.11.7-1.el9.x86_64", product_id: "freerdp-debugsource-2:2.11.7-1.el9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debugsource@2.11.7-1.el9?arch=x86_64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debuginfo-2:2.11.7-1.el9.x86_64", product: { name: "freerdp-debuginfo-2:2.11.7-1.el9.x86_64", product_id: "freerdp-debuginfo-2:2.11.7-1.el9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-1.el9?arch=x86_64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", product: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", product_id: "freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-1.el9?arch=x86_64&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", product: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", product_id: "libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-1.el9?arch=x86_64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-2:2.11.7-1.el9.x86_64", product: { name: "freerdp-2:2.11.7-1.el9.x86_64", product_id: "freerdp-2:2.11.7-1.el9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp@2.11.7-1.el9?arch=x86_64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-2:2.11.7-1.el9.x86_64", product: { name: "freerdp-libs-2:2.11.7-1.el9.x86_64", product_id: "freerdp-libs-2:2.11.7-1.el9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs@2.11.7-1.el9?arch=x86_64&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-2:2.11.7-1.el9.x86_64", product: { name: "libwinpr-2:2.11.7-1.el9.x86_64", product_id: "libwinpr-2:2.11.7-1.el9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr@2.11.7-1.el9?arch=x86_64&epoch=2", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "freerdp-devel-2:2.11.7-1.el9.s390x", product: { name: "freerdp-devel-2:2.11.7-1.el9.s390x", product_id: "freerdp-devel-2:2.11.7-1.el9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-devel@2.11.7-1.el9?arch=s390x&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-devel-2:2.11.7-1.el9.s390x", product: { name: "libwinpr-devel-2:2.11.7-1.el9.s390x", product_id: "libwinpr-devel-2:2.11.7-1.el9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-devel@2.11.7-1.el9?arch=s390x&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debugsource-2:2.11.7-1.el9.s390x", product: { name: "freerdp-debugsource-2:2.11.7-1.el9.s390x", product_id: "freerdp-debugsource-2:2.11.7-1.el9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debugsource@2.11.7-1.el9?arch=s390x&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debuginfo-2:2.11.7-1.el9.s390x", product: { name: "freerdp-debuginfo-2:2.11.7-1.el9.s390x", product_id: "freerdp-debuginfo-2:2.11.7-1.el9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-1.el9?arch=s390x&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", product: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", product_id: "freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-1.el9?arch=s390x&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-debuginfo-2:2.11.7-1.el9.s390x", product: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.s390x", product_id: "libwinpr-debuginfo-2:2.11.7-1.el9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-1.el9?arch=s390x&epoch=2", }, }, }, { category: "product_version", name: "freerdp-2:2.11.7-1.el9.s390x", product: { name: "freerdp-2:2.11.7-1.el9.s390x", product_id: "freerdp-2:2.11.7-1.el9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp@2.11.7-1.el9?arch=s390x&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-2:2.11.7-1.el9.s390x", product: { name: "freerdp-libs-2:2.11.7-1.el9.s390x", product_id: "freerdp-libs-2:2.11.7-1.el9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs@2.11.7-1.el9?arch=s390x&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-2:2.11.7-1.el9.s390x", product: { name: "libwinpr-2:2.11.7-1.el9.s390x", product_id: "libwinpr-2:2.11.7-1.el9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr@2.11.7-1.el9?arch=s390x&epoch=2", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "freerdp-2:2.11.7-1.el9.src", product: { name: "freerdp-2:2.11.7-1.el9.src", product_id: "freerdp-2:2.11.7-1.el9.src", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp@2.11.7-1.el9?arch=src&epoch=2", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-2:2.11.7-1.el9.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.src as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", }, product_reference: "freerdp-2:2.11.7-1.el9.src", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", }, product_reference: "libwinpr-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", }, product_reference: "libwinpr-2:2.11.7-1.el9.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", }, product_reference: "libwinpr-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", }, product_reference: "libwinpr-2:2.11.7-1.el9.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", }, product_reference: "libwinpr-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-2:2.11.7-1.el9.s390x", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.src as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", }, product_reference: "freerdp-2:2.11.7-1.el9.src", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.i686", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.s390x", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.i686", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.s390x", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.i686", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.s390x", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.i686", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.s390x", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", }, product_reference: "libwinpr-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", }, product_reference: "libwinpr-2:2.11.7-1.el9.i686", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", }, product_reference: "libwinpr-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", }, product_reference: "libwinpr-2:2.11.7-1.el9.s390x", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", }, product_reference: "libwinpr-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.i686", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.s390x", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.i686", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.s390x", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "CRB-9.5.0.GA", }, ], }, vulnerabilities: [ { cve: "CVE-2024-22211", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2024-01-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2259483", }, ], notes: [ { category: "description", text: "FreeRDP is a collection of remote desktop protocol library and client software that is both free and open source. An integer overflow within freerdp_bitmap_planar_context_reset results in a heap-buffer overflow. This impacts clients built on FreeRDP. However, server implementations and proxies based on FreeRDP are unaffected. A malevolent server could create a RDPGFX_RESET_GRAPHICS_PDU to allocate buffers that are too small, potentially causing subsequent out-of-bounds reads/writes. It's important to note that data extraction over the network is not feasible; these buffers are utilized solely for displaying images.", title: "Vulnerability description", }, { category: "summary", text: "freerdp: Integer Overflow leading to Heap Overflow in freerdp_bitmap_planar_context_reset", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability in FreeRDP, resulting from an integer overflow in certain versions, poses a low severity risk due to several mitigating factors. Firstly, it primarily affects FreeRDP-based clients, while server implementations and proxies remain unaffected. Additionally, the potential for exploitation is limited as it requires interaction with a malicious server, and data extraction over the network is not feasible; the vulnerability pertains solely to image display buffers.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-22211", }, { category: "external", summary: "RHBZ#2259483", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2259483", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-22211", url: "https://www.cve.org/CVERecord?id=CVE-2024-22211", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-22211", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-22211", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/commit/939e922936e9c3ae8fc204968645e5e7563a2fff", url: "https://github.com/FreeRDP/FreeRDP/commit/939e922936e9c3ae8fc204968645e5e7563a2fff", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/commit/aeac3040cc99eeaff1e1171a822114c857b9dca9", url: "https://github.com/FreeRDP/FreeRDP/commit/aeac3040cc99eeaff1e1171a822114c857b9dca9", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rjhp-44rv-7v59", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rjhp-44rv-7v59", }, ], release_date: "2024-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:L", version: "3.1", }, products: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "freerdp: Integer Overflow leading to Heap Overflow in freerdp_bitmap_planar_context_reset", }, { cve: "CVE-2024-32039", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, discovery_date: "2024-04-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276723", }, ], notes: [ { category: "description", text: "A flaw was found in FreeRDP-based clients. Affected versions of FreeRDP are vulnerable to an integer overflow and out-of-bounds write. This issue occurs when the sum of the `runLengthFactor` and `pixelIndex` values become large enough to overflow the uint32 type and bypass an error check when clearing residual data.", title: "Vulnerability description", }, { category: "summary", text: "freerdp: Integer overflow & OutOfBound Write in clear_decompress_residual_data", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32039", }, { category: "external", summary: "RHBZ#2276723", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276723", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32039", url: "https://www.cve.org/CVERecord?id=CVE-2024-32039", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32039", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32039", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5h8-7j42-j4r9", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5h8-7j42-j4r9", }, ], release_date: "2024-04-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "freerdp: Integer overflow & OutOfBound Write in clear_decompress_residual_data", }, { cve: "CVE-2024-32040", cwe: { id: "CWE-191", name: "Integer Underflow (Wrap or Wraparound)", }, discovery_date: "2024-04-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276724", }, ], notes: [ { category: "description", text: "FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 and have connections to servers using the `NSC` codec are vulnerable to integer underflow. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use the NSC codec (e.g. use `-nsc`).", title: "Vulnerability description", }, { category: "summary", text: "freerdp: integer underflow in nsc_rle_decode", title: "Vulnerability summary", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32040", }, { category: "external", summary: "RHBZ#2276724", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276724", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32040", url: "https://www.cve.org/CVERecord?id=CVE-2024-32040", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32040", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32040", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-23c5-cp23-h2h5", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-23c5-cp23-h2h5", }, ], release_date: "2024-04-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "freerdp: integer underflow in nsc_rle_decode", }, { cve: "CVE-2024-32041", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-04-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276725", }, ], notes: [ { category: "description", text: "FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, deactivate `/gfx` (on by default, set `/bpp` or `/rfx` options instead.", title: "Vulnerability description", }, { category: "summary", text: "freerdp: OutOfBound Read in zgfx_decompress_segment", title: "Vulnerability summary", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32041", }, { category: "external", summary: "RHBZ#2276725", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276725", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32041", url: "https://www.cve.org/CVERecord?id=CVE-2024-32041", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32041", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32041", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-5r4p-mfx2-m44r", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-5r4p-mfx2-m44r", }, ], release_date: "2024-04-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "freerdp: OutOfBound Read in zgfx_decompress_segment", }, { cve: "CVE-2024-32458", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-04-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276726", }, ], notes: [ { category: "description", text: "FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use `/gfx` or `/rfx` modes (on by default, require server side support).", title: "Vulnerability description", }, { category: "summary", text: "freerdp: OutOfBound Read in planar_skip_plane_rle", title: "Vulnerability summary", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32458", }, { category: "external", summary: "RHBZ#2276726", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276726", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32458", url: "https://www.cve.org/CVERecord?id=CVE-2024-32458", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32458", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32458", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vvr6-h646-mp4p", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vvr6-h646-mp4p", }, ], release_date: "2024-04-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "freerdp: OutOfBound Read in planar_skip_plane_rle", }, { cve: "CVE-2024-32459", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-04-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276721", }, ], notes: [ { category: "description", text: "FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients and servers that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. No known workarounds are available.", title: "Vulnerability description", }, { category: "summary", text: "freerdp: out-of-bounds read in ncrush_decompress", title: "Vulnerability summary", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32459", }, { category: "external", summary: "RHBZ#2276721", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276721", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32459", url: "https://www.cve.org/CVERecord?id=CVE-2024-32459", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32459", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32459", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-cp4q-p737-rmw9", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-cp4q-p737-rmw9", }, ], release_date: "2024-04-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "freerdp: out-of-bounds read in ncrush_decompress", }, { cve: "CVE-2024-32460", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-04-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276722", }, ], notes: [ { category: "description", text: "FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based based clients using `/bpp:32` legacy `GDI` drawing path with a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use modern drawing paths (e.g. `/rfx` or `/gfx` options). The workaround requires server side support.", title: "Vulnerability description", }, { category: "summary", text: "freerdp: OutOfBound Read in interleaved_decompress", title: "Vulnerability summary", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32460", }, { category: "external", summary: "RHBZ#2276722", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276722", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32460", url: "https://www.cve.org/CVERecord?id=CVE-2024-32460", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32460", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32460", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4rr8-gr65-vqrr", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4rr8-gr65-vqrr", }, ], release_date: "2024-04-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "freerdp: OutOfBound Read in interleaved_decompress", }, { cve: "CVE-2024-32658", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-04-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276961", }, ], notes: [ { category: "description", text: "FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read. Version 3.5.1 contains a patch for the issue. No known workarounds are available.", title: "Vulnerability description", }, { category: "summary", text: "FreeRDP: ExtractRunLengthRegular* out of bound read", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32658", }, { category: "external", summary: "RHBZ#2276961", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276961", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32658", url: "https://www.cve.org/CVERecord?id=CVE-2024-32658", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32658", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32658", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vpv3-m3m9-4c2v", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vpv3-m3m9-4c2v", }, ], release_date: "2024-04-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "FreeRDP: ExtractRunLengthRegular* out of bound read", }, { cve: "CVE-2024-32659", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-04-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276970", }, ], notes: [ { category: "description", text: "FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read if `((nWidth == 0) and (nHeight == 0))`. Version 3.5.1 contains a patch for the issue. No known workarounds are available.", title: "Vulnerability description", }, { category: "summary", text: "freerdp: freerdp_image_copy out of bound read", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32659", }, { category: "external", summary: "RHBZ#2276970", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276970", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32659", url: "https://www.cve.org/CVERecord?id=CVE-2024-32659", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32659", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32659", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-8jgr-7r33-x87w", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-8jgr-7r33-x87w", }, ], release_date: "2024-04-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "freerdp: freerdp_image_copy out of bound read", }, { cve: "CVE-2024-32660", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2024-04-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276968", }, ], notes: [ { category: "description", text: "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.5.1, a malicious server can crash the FreeRDP client by sending invalid huge allocation size. Version 3.5.1 contains a patch for the issue. No known workarounds are available.", title: "Vulnerability description", }, { category: "summary", text: "freerdp: zgfx_decompress out of memory", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32660", }, { category: "external", summary: "RHBZ#2276968", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276968", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32660", url: "https://www.cve.org/CVERecord?id=CVE-2024-32660", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32660", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32660", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mxv6-2cw6-m3mx", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mxv6-2cw6-m3mx", }, ], release_date: "2024-04-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "freerdp: zgfx_decompress out of memory", }, { cve: "CVE-2024-32661", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-04-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276971", }, ], notes: [ { category: "description", text: "FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to a possible `NULL` access and crash. Version 3.5.1 contains a patch for the issue. No known workarounds are available.", title: "Vulnerability description", }, { category: "summary", text: "freerdp: rdp_write_logon_info_v1 NULL access", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32661", }, { category: "external", summary: "RHBZ#2276971", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276971", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32661", url: "https://www.cve.org/CVERecord?id=CVE-2024-32661", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32661", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32661", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-p5m5-342g-pv9m", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-p5m5-342g-pv9m", }, ], release_date: "2024-04-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "freerdp: rdp_write_logon_info_v1 NULL access", }, { cve: "CVE-2024-32662", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-04-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276804", }, ], notes: [ { category: "description", text: "A flaw was found in FreeRDP-based clients. Affected versions of FreeRDP are vulnerable to an out-of-bounds read. This issue occurs when the `WCHAR` string is read with twice the size it has and converted to `UTF-8`, `base64` decoded. The string is only used to compare against the redirection server certificate.", title: "Vulnerability description", }, { category: "summary", text: "freerdp: out-of-bounds read", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32662", }, { category: "external", summary: "RHBZ#2276804", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276804", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32662", url: "https://www.cve.org/CVERecord?id=CVE-2024-32662", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32662", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32662", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vffh-j6hh-95f4", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vffh-j6hh-95f4", }, ], release_date: "2024-04-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "freerdp: out-of-bounds read", }, ], }
RHSA-2024:9092
Vulnerability from csaf_redhat
Published
2024-11-12 09:36
Modified
2025-03-26 10:58
Summary
Red Hat Security Advisory: freerdp security update
Notes
Topic
An update for freerdp is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.
Security Fix(es):
* freerdp: Integer Overflow leading to Heap Overflow in freerdp_bitmap_planar_context_reset (CVE-2024-22211)
* freerdp: out-of-bounds read in ncrush_decompress (CVE-2024-32459)
* freerdp: OutOfBound Read in interleaved_decompress (CVE-2024-32460)
* freerdp: Integer overflow & OutOfBound Write in clear_decompress_residual_data (CVE-2024-32039)
* freerdp: integer underflow in nsc_rle_decode (CVE-2024-32040)
* freerdp: OutOfBound Read in zgfx_decompress_segment (CVE-2024-32041)
* freerdp: OutOfBound Read in planar_skip_plane_rle (CVE-2024-32458)
* freerdp: out-of-bounds read (CVE-2024-32662)
* FreeRDP: ExtractRunLengthRegular* out of bound read (CVE-2024-32658)
* freerdp: zgfx_decompress out of memory (CVE-2024-32660)
* freerdp: freerdp_image_copy out of bound read (CVE-2024-32659)
* freerdp: rdp_write_logon_info_v1 NULL access (CVE-2024-32661)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.5 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for freerdp is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.\n\nSecurity Fix(es):\n\n* freerdp: Integer Overflow leading to Heap Overflow in freerdp_bitmap_planar_context_reset (CVE-2024-22211)\n\n* freerdp: out-of-bounds read in ncrush_decompress (CVE-2024-32459)\n\n* freerdp: OutOfBound Read in interleaved_decompress (CVE-2024-32460)\n\n* freerdp: Integer overflow & OutOfBound Write in clear_decompress_residual_data (CVE-2024-32039)\n\n* freerdp: integer underflow in nsc_rle_decode (CVE-2024-32040)\n\n* freerdp: OutOfBound Read in zgfx_decompress_segment (CVE-2024-32041)\n\n* freerdp: OutOfBound Read in planar_skip_plane_rle (CVE-2024-32458)\n\n* freerdp: out-of-bounds read (CVE-2024-32662)\n\n* FreeRDP: ExtractRunLengthRegular* out of bound read (CVE-2024-32658)\n\n* freerdp: zgfx_decompress out of memory (CVE-2024-32660)\n\n* freerdp: freerdp_image_copy out of bound read (CVE-2024-32659)\n\n* freerdp: rdp_write_logon_info_v1 NULL access (CVE-2024-32661)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 9.5 Release Notes linked from the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:9092", url: "https://access.redhat.com/errata/RHSA-2024:9092", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.5_release_notes/index", url: "https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.5_release_notes/index", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "2259483", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2259483", }, { category: "external", summary: "2276721", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276721", }, { category: "external", summary: "2276722", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276722", }, { category: "external", summary: "2276723", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276723", }, { category: "external", summary: "2276724", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276724", }, { category: "external", summary: "2276725", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276725", }, { category: "external", summary: "2276726", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276726", }, { category: "external", summary: "2276804", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276804", }, { category: "external", summary: "2276961", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276961", }, { category: "external", summary: "2276968", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276968", }, { category: "external", summary: "2276970", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276970", }, { category: "external", summary: "2276971", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276971", }, { category: "external", summary: "RHEL-33988", url: "https://issues.redhat.com/browse/RHEL-33988", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9092.json", }, ], title: "Red Hat Security Advisory: freerdp security update", tracking: { current_release_date: "2025-03-26T10:58:06+00:00", generator: { date: "2025-03-26T10:58:06+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2024:9092", initial_release_date: "2024-11-12T09:36:13+00:00", revision_history: [ { date: "2024-11-12T09:36:13+00:00", number: "1", summary: "Initial version", }, { date: "2024-11-12T09:36:13+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-26T10:58:06+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 9)", product: { name: "Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:9::appstream", }, }, }, { category: "product_name", name: "Red Hat CodeReady Linux Builder (v. 9)", product: { name: "Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:9::crb", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "freerdp-devel-2:2.11.7-1.el9.aarch64", product: { name: "freerdp-devel-2:2.11.7-1.el9.aarch64", product_id: "freerdp-devel-2:2.11.7-1.el9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-devel@2.11.7-1.el9?arch=aarch64&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-devel-2:2.11.7-1.el9.aarch64", product: { name: "libwinpr-devel-2:2.11.7-1.el9.aarch64", product_id: "libwinpr-devel-2:2.11.7-1.el9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-devel@2.11.7-1.el9?arch=aarch64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debugsource-2:2.11.7-1.el9.aarch64", product: { name: "freerdp-debugsource-2:2.11.7-1.el9.aarch64", product_id: "freerdp-debugsource-2:2.11.7-1.el9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debugsource@2.11.7-1.el9?arch=aarch64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debuginfo-2:2.11.7-1.el9.aarch64", product: { name: "freerdp-debuginfo-2:2.11.7-1.el9.aarch64", product_id: "freerdp-debuginfo-2:2.11.7-1.el9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-1.el9?arch=aarch64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", product: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", product_id: "freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-1.el9?arch=aarch64&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", product: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", product_id: "libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-1.el9?arch=aarch64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-2:2.11.7-1.el9.aarch64", product: { name: "freerdp-2:2.11.7-1.el9.aarch64", product_id: "freerdp-2:2.11.7-1.el9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp@2.11.7-1.el9?arch=aarch64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-2:2.11.7-1.el9.aarch64", product: { name: "freerdp-libs-2:2.11.7-1.el9.aarch64", product_id: "freerdp-libs-2:2.11.7-1.el9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs@2.11.7-1.el9?arch=aarch64&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-2:2.11.7-1.el9.aarch64", product: { name: "libwinpr-2:2.11.7-1.el9.aarch64", product_id: "libwinpr-2:2.11.7-1.el9.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr@2.11.7-1.el9?arch=aarch64&epoch=2", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "freerdp-devel-2:2.11.7-1.el9.ppc64le", product: { name: "freerdp-devel-2:2.11.7-1.el9.ppc64le", product_id: "freerdp-devel-2:2.11.7-1.el9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-devel@2.11.7-1.el9?arch=ppc64le&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-devel-2:2.11.7-1.el9.ppc64le", product: { name: "libwinpr-devel-2:2.11.7-1.el9.ppc64le", product_id: "libwinpr-devel-2:2.11.7-1.el9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-devel@2.11.7-1.el9?arch=ppc64le&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debugsource-2:2.11.7-1.el9.ppc64le", product: { name: "freerdp-debugsource-2:2.11.7-1.el9.ppc64le", product_id: "freerdp-debugsource-2:2.11.7-1.el9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debugsource@2.11.7-1.el9?arch=ppc64le&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", product: { name: "freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", product_id: "freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-1.el9?arch=ppc64le&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", product: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", product_id: "freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-1.el9?arch=ppc64le&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", product: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", product_id: "libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-1.el9?arch=ppc64le&epoch=2", }, }, }, { category: "product_version", name: "freerdp-2:2.11.7-1.el9.ppc64le", product: { name: "freerdp-2:2.11.7-1.el9.ppc64le", product_id: "freerdp-2:2.11.7-1.el9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp@2.11.7-1.el9?arch=ppc64le&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-2:2.11.7-1.el9.ppc64le", product: { name: "freerdp-libs-2:2.11.7-1.el9.ppc64le", product_id: "freerdp-libs-2:2.11.7-1.el9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs@2.11.7-1.el9?arch=ppc64le&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-2:2.11.7-1.el9.ppc64le", product: { name: "libwinpr-2:2.11.7-1.el9.ppc64le", product_id: "libwinpr-2:2.11.7-1.el9.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr@2.11.7-1.el9?arch=ppc64le&epoch=2", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "freerdp-devel-2:2.11.7-1.el9.i686", product: { name: "freerdp-devel-2:2.11.7-1.el9.i686", product_id: "freerdp-devel-2:2.11.7-1.el9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-devel@2.11.7-1.el9?arch=i686&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-devel-2:2.11.7-1.el9.i686", product: { name: "libwinpr-devel-2:2.11.7-1.el9.i686", product_id: "libwinpr-devel-2:2.11.7-1.el9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-devel@2.11.7-1.el9?arch=i686&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debugsource-2:2.11.7-1.el9.i686", product: { name: "freerdp-debugsource-2:2.11.7-1.el9.i686", product_id: "freerdp-debugsource-2:2.11.7-1.el9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debugsource@2.11.7-1.el9?arch=i686&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debuginfo-2:2.11.7-1.el9.i686", product: { name: "freerdp-debuginfo-2:2.11.7-1.el9.i686", product_id: "freerdp-debuginfo-2:2.11.7-1.el9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-1.el9?arch=i686&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", product: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", product_id: "freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-1.el9?arch=i686&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-debuginfo-2:2.11.7-1.el9.i686", product: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.i686", product_id: "libwinpr-debuginfo-2:2.11.7-1.el9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-1.el9?arch=i686&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-2:2.11.7-1.el9.i686", product: { name: "freerdp-libs-2:2.11.7-1.el9.i686", product_id: "freerdp-libs-2:2.11.7-1.el9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs@2.11.7-1.el9?arch=i686&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-2:2.11.7-1.el9.i686", product: { name: "libwinpr-2:2.11.7-1.el9.i686", product_id: "libwinpr-2:2.11.7-1.el9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr@2.11.7-1.el9?arch=i686&epoch=2", }, }, }, ], category: "architecture", name: "i686", }, { branches: [ { category: "product_version", name: "freerdp-devel-2:2.11.7-1.el9.x86_64", product: { name: "freerdp-devel-2:2.11.7-1.el9.x86_64", product_id: "freerdp-devel-2:2.11.7-1.el9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-devel@2.11.7-1.el9?arch=x86_64&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-devel-2:2.11.7-1.el9.x86_64", product: { name: "libwinpr-devel-2:2.11.7-1.el9.x86_64", product_id: "libwinpr-devel-2:2.11.7-1.el9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-devel@2.11.7-1.el9?arch=x86_64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debugsource-2:2.11.7-1.el9.x86_64", product: { name: "freerdp-debugsource-2:2.11.7-1.el9.x86_64", product_id: "freerdp-debugsource-2:2.11.7-1.el9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debugsource@2.11.7-1.el9?arch=x86_64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debuginfo-2:2.11.7-1.el9.x86_64", product: { name: "freerdp-debuginfo-2:2.11.7-1.el9.x86_64", product_id: "freerdp-debuginfo-2:2.11.7-1.el9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-1.el9?arch=x86_64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", product: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", product_id: "freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-1.el9?arch=x86_64&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", product: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", product_id: "libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-1.el9?arch=x86_64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-2:2.11.7-1.el9.x86_64", product: { name: "freerdp-2:2.11.7-1.el9.x86_64", product_id: "freerdp-2:2.11.7-1.el9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp@2.11.7-1.el9?arch=x86_64&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-2:2.11.7-1.el9.x86_64", product: { name: "freerdp-libs-2:2.11.7-1.el9.x86_64", product_id: "freerdp-libs-2:2.11.7-1.el9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs@2.11.7-1.el9?arch=x86_64&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-2:2.11.7-1.el9.x86_64", product: { name: "libwinpr-2:2.11.7-1.el9.x86_64", product_id: "libwinpr-2:2.11.7-1.el9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr@2.11.7-1.el9?arch=x86_64&epoch=2", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "freerdp-devel-2:2.11.7-1.el9.s390x", product: { name: "freerdp-devel-2:2.11.7-1.el9.s390x", product_id: "freerdp-devel-2:2.11.7-1.el9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-devel@2.11.7-1.el9?arch=s390x&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-devel-2:2.11.7-1.el9.s390x", product: { name: "libwinpr-devel-2:2.11.7-1.el9.s390x", product_id: "libwinpr-devel-2:2.11.7-1.el9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-devel@2.11.7-1.el9?arch=s390x&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debugsource-2:2.11.7-1.el9.s390x", product: { name: "freerdp-debugsource-2:2.11.7-1.el9.s390x", product_id: "freerdp-debugsource-2:2.11.7-1.el9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debugsource@2.11.7-1.el9?arch=s390x&epoch=2", }, }, }, { category: "product_version", name: "freerdp-debuginfo-2:2.11.7-1.el9.s390x", product: { name: "freerdp-debuginfo-2:2.11.7-1.el9.s390x", product_id: "freerdp-debuginfo-2:2.11.7-1.el9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-1.el9?arch=s390x&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", product: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", product_id: "freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-1.el9?arch=s390x&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-debuginfo-2:2.11.7-1.el9.s390x", product: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.s390x", product_id: "libwinpr-debuginfo-2:2.11.7-1.el9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-1.el9?arch=s390x&epoch=2", }, }, }, { category: "product_version", name: "freerdp-2:2.11.7-1.el9.s390x", product: { name: "freerdp-2:2.11.7-1.el9.s390x", product_id: "freerdp-2:2.11.7-1.el9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp@2.11.7-1.el9?arch=s390x&epoch=2", }, }, }, { category: "product_version", name: "freerdp-libs-2:2.11.7-1.el9.s390x", product: { name: "freerdp-libs-2:2.11.7-1.el9.s390x", product_id: "freerdp-libs-2:2.11.7-1.el9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp-libs@2.11.7-1.el9?arch=s390x&epoch=2", }, }, }, { category: "product_version", name: "libwinpr-2:2.11.7-1.el9.s390x", product: { name: "libwinpr-2:2.11.7-1.el9.s390x", product_id: "libwinpr-2:2.11.7-1.el9.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libwinpr@2.11.7-1.el9?arch=s390x&epoch=2", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "freerdp-2:2.11.7-1.el9.src", product: { name: "freerdp-2:2.11.7-1.el9.src", product_id: "freerdp-2:2.11.7-1.el9.src", product_identification_helper: { purl: "pkg:rpm/redhat/freerdp@2.11.7-1.el9?arch=src&epoch=2", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-2:2.11.7-1.el9.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.src as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", }, product_reference: "freerdp-2:2.11.7-1.el9.src", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", }, product_reference: "libwinpr-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", }, product_reference: "libwinpr-2:2.11.7-1.el9.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", }, product_reference: "libwinpr-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", }, product_reference: "libwinpr-2:2.11.7-1.el9.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", }, product_reference: "libwinpr-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.i686", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.s390x", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "AppStream-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-2:2.11.7-1.el9.s390x", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.src as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", }, product_reference: "freerdp-2:2.11.7-1.el9.src", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-2:2.11.7-1.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.i686", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.s390x", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debuginfo-2:2.11.7-1.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-debuginfo-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.i686", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.s390x", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-debugsource-2:2.11.7-1.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-debugsource-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.i686", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.s390x", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-devel-2:2.11.7-1.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-devel-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.i686", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.s390x", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-2:2.11.7-1.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-libs-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", }, product_reference: "freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", }, product_reference: "libwinpr-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", }, product_reference: "libwinpr-2:2.11.7-1.el9.i686", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", }, product_reference: "libwinpr-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", }, product_reference: "libwinpr-2:2.11.7-1.el9.s390x", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-2:2.11.7-1.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", }, product_reference: "libwinpr-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.i686", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.s390x", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-debuginfo-2:2.11.7-1.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", }, product_reference: "libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.aarch64", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.i686 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.i686", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.ppc64le", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.s390x as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.s390x", relates_to_product_reference: "CRB-9.5.0.GA", }, { category: "default_component_of", full_product_name: { name: "libwinpr-devel-2:2.11.7-1.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)", product_id: "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", }, product_reference: "libwinpr-devel-2:2.11.7-1.el9.x86_64", relates_to_product_reference: "CRB-9.5.0.GA", }, ], }, vulnerabilities: [ { cve: "CVE-2024-22211", cwe: { id: "CWE-190", name: "Integer Overflow or Wraparound", }, discovery_date: "2024-01-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2259483", }, ], notes: [ { category: "description", text: "FreeRDP is a collection of remote desktop protocol library and client software that is both free and open source. An integer overflow within freerdp_bitmap_planar_context_reset results in a heap-buffer overflow. This impacts clients built on FreeRDP. However, server implementations and proxies based on FreeRDP are unaffected. A malevolent server could create a RDPGFX_RESET_GRAPHICS_PDU to allocate buffers that are too small, potentially causing subsequent out-of-bounds reads/writes. It's important to note that data extraction over the network is not feasible; these buffers are utilized solely for displaying images.", title: "Vulnerability description", }, { category: "summary", text: "freerdp: Integer Overflow leading to Heap Overflow in freerdp_bitmap_planar_context_reset", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability in FreeRDP, resulting from an integer overflow in certain versions, poses a low severity risk due to several mitigating factors. Firstly, it primarily affects FreeRDP-based clients, while server implementations and proxies remain unaffected. Additionally, the potential for exploitation is limited as it requires interaction with a malicious server, and data extraction over the network is not feasible; the vulnerability pertains solely to image display buffers.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-22211", }, { category: "external", summary: "RHBZ#2259483", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2259483", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-22211", url: "https://www.cve.org/CVERecord?id=CVE-2024-22211", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-22211", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-22211", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/commit/939e922936e9c3ae8fc204968645e5e7563a2fff", url: "https://github.com/FreeRDP/FreeRDP/commit/939e922936e9c3ae8fc204968645e5e7563a2fff", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/commit/aeac3040cc99eeaff1e1171a822114c857b9dca9", url: "https://github.com/FreeRDP/FreeRDP/commit/aeac3040cc99eeaff1e1171a822114c857b9dca9", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rjhp-44rv-7v59", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rjhp-44rv-7v59", }, ], release_date: "2024-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:L", version: "3.1", }, products: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "freerdp: Integer Overflow leading to Heap Overflow in freerdp_bitmap_planar_context_reset", }, { cve: "CVE-2024-32039", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, discovery_date: "2024-04-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276723", }, ], notes: [ { category: "description", text: "A flaw was found in FreeRDP-based clients. Affected versions of FreeRDP are vulnerable to an integer overflow and out-of-bounds write. This issue occurs when the sum of the `runLengthFactor` and `pixelIndex` values become large enough to overflow the uint32 type and bypass an error check when clearing residual data.", title: "Vulnerability description", }, { category: "summary", text: "freerdp: Integer overflow & OutOfBound Write in clear_decompress_residual_data", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32039", }, { category: "external", summary: "RHBZ#2276723", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276723", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32039", url: "https://www.cve.org/CVERecord?id=CVE-2024-32039", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32039", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32039", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5h8-7j42-j4r9", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5h8-7j42-j4r9", }, ], release_date: "2024-04-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "freerdp: Integer overflow & OutOfBound Write in clear_decompress_residual_data", }, { cve: "CVE-2024-32040", cwe: { id: "CWE-191", name: "Integer Underflow (Wrap or Wraparound)", }, discovery_date: "2024-04-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276724", }, ], notes: [ { category: "description", text: "FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 and have connections to servers using the `NSC` codec are vulnerable to integer underflow. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use the NSC codec (e.g. use `-nsc`).", title: "Vulnerability description", }, { category: "summary", text: "freerdp: integer underflow in nsc_rle_decode", title: "Vulnerability summary", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32040", }, { category: "external", summary: "RHBZ#2276724", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276724", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32040", url: "https://www.cve.org/CVERecord?id=CVE-2024-32040", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32040", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32040", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-23c5-cp23-h2h5", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-23c5-cp23-h2h5", }, ], release_date: "2024-04-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "freerdp: integer underflow in nsc_rle_decode", }, { cve: "CVE-2024-32041", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-04-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276725", }, ], notes: [ { category: "description", text: "FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, deactivate `/gfx` (on by default, set `/bpp` or `/rfx` options instead.", title: "Vulnerability description", }, { category: "summary", text: "freerdp: OutOfBound Read in zgfx_decompress_segment", title: "Vulnerability summary", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32041", }, { category: "external", summary: "RHBZ#2276725", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276725", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32041", url: "https://www.cve.org/CVERecord?id=CVE-2024-32041", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32041", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32041", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-5r4p-mfx2-m44r", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-5r4p-mfx2-m44r", }, ], release_date: "2024-04-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "freerdp: OutOfBound Read in zgfx_decompress_segment", }, { cve: "CVE-2024-32458", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-04-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276726", }, ], notes: [ { category: "description", text: "FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use `/gfx` or `/rfx` modes (on by default, require server side support).", title: "Vulnerability description", }, { category: "summary", text: "freerdp: OutOfBound Read in planar_skip_plane_rle", title: "Vulnerability summary", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32458", }, { category: "external", summary: "RHBZ#2276726", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276726", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32458", url: "https://www.cve.org/CVERecord?id=CVE-2024-32458", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32458", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32458", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vvr6-h646-mp4p", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vvr6-h646-mp4p", }, ], release_date: "2024-04-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "freerdp: OutOfBound Read in planar_skip_plane_rle", }, { cve: "CVE-2024-32459", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-04-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276721", }, ], notes: [ { category: "description", text: "FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients and servers that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. No known workarounds are available.", title: "Vulnerability description", }, { category: "summary", text: "freerdp: out-of-bounds read in ncrush_decompress", title: "Vulnerability summary", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32459", }, { category: "external", summary: "RHBZ#2276721", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276721", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32459", url: "https://www.cve.org/CVERecord?id=CVE-2024-32459", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32459", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32459", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-cp4q-p737-rmw9", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-cp4q-p737-rmw9", }, ], release_date: "2024-04-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "freerdp: out-of-bounds read in ncrush_decompress", }, { cve: "CVE-2024-32460", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-04-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276722", }, ], notes: [ { category: "description", text: "FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based based clients using `/bpp:32` legacy `GDI` drawing path with a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use modern drawing paths (e.g. `/rfx` or `/gfx` options). The workaround requires server side support.", title: "Vulnerability description", }, { category: "summary", text: "freerdp: OutOfBound Read in interleaved_decompress", title: "Vulnerability summary", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32460", }, { category: "external", summary: "RHBZ#2276722", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276722", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32460", url: "https://www.cve.org/CVERecord?id=CVE-2024-32460", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32460", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32460", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4rr8-gr65-vqrr", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4rr8-gr65-vqrr", }, ], release_date: "2024-04-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], threats: [ { category: "impact", details: "Low", }, ], title: "freerdp: OutOfBound Read in interleaved_decompress", }, { cve: "CVE-2024-32658", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-04-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276961", }, ], notes: [ { category: "description", text: "FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read. Version 3.5.1 contains a patch for the issue. No known workarounds are available.", title: "Vulnerability description", }, { category: "summary", text: "FreeRDP: ExtractRunLengthRegular* out of bound read", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32658", }, { category: "external", summary: "RHBZ#2276961", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276961", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32658", url: "https://www.cve.org/CVERecord?id=CVE-2024-32658", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32658", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32658", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vpv3-m3m9-4c2v", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vpv3-m3m9-4c2v", }, ], release_date: "2024-04-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "FreeRDP: ExtractRunLengthRegular* out of bound read", }, { cve: "CVE-2024-32659", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-04-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276970", }, ], notes: [ { category: "description", text: "FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read if `((nWidth == 0) and (nHeight == 0))`. Version 3.5.1 contains a patch for the issue. No known workarounds are available.", title: "Vulnerability description", }, { category: "summary", text: "freerdp: freerdp_image_copy out of bound read", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32659", }, { category: "external", summary: "RHBZ#2276970", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276970", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32659", url: "https://www.cve.org/CVERecord?id=CVE-2024-32659", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32659", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32659", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-8jgr-7r33-x87w", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-8jgr-7r33-x87w", }, ], release_date: "2024-04-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "freerdp: freerdp_image_copy out of bound read", }, { cve: "CVE-2024-32660", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2024-04-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276968", }, ], notes: [ { category: "description", text: "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.5.1, a malicious server can crash the FreeRDP client by sending invalid huge allocation size. Version 3.5.1 contains a patch for the issue. No known workarounds are available.", title: "Vulnerability description", }, { category: "summary", text: "freerdp: zgfx_decompress out of memory", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32660", }, { category: "external", summary: "RHBZ#2276968", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276968", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32660", url: "https://www.cve.org/CVERecord?id=CVE-2024-32660", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32660", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32660", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mxv6-2cw6-m3mx", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mxv6-2cw6-m3mx", }, ], release_date: "2024-04-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "freerdp: zgfx_decompress out of memory", }, { cve: "CVE-2024-32661", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2024-04-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276971", }, ], notes: [ { category: "description", text: "FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to a possible `NULL` access and crash. Version 3.5.1 contains a patch for the issue. No known workarounds are available.", title: "Vulnerability description", }, { category: "summary", text: "freerdp: rdp_write_logon_info_v1 NULL access", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32661", }, { category: "external", summary: "RHBZ#2276971", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276971", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32661", url: "https://www.cve.org/CVERecord?id=CVE-2024-32661", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32661", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32661", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-p5m5-342g-pv9m", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-p5m5-342g-pv9m", }, ], release_date: "2024-04-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "freerdp: rdp_write_logon_info_v1 NULL access", }, { cve: "CVE-2024-32662", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2024-04-24T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2276804", }, ], notes: [ { category: "description", text: "A flaw was found in FreeRDP-based clients. Affected versions of FreeRDP are vulnerable to an out-of-bounds read. This issue occurs when the `WCHAR` string is read with twice the size it has and converted to `UTF-8`, `base64` decoded. The string is only used to compare against the redirection server certificate.", title: "Vulnerability description", }, { category: "summary", text: "freerdp: out-of-bounds read", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-32662", }, { category: "external", summary: "RHBZ#2276804", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2276804", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-32662", url: "https://www.cve.org/CVERecord?id=CVE-2024-32662", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-32662", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-32662", }, { category: "external", summary: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vffh-j6hh-95f4", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vffh-j6hh-95f4", }, ], release_date: "2024-04-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-12T09:36:13+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:9092", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "AppStream-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "AppStream-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.src", "CRB-9.5.0.GA:freerdp-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-debugsource-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-devel-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:freerdp-libs-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-debuginfo-2:2.11.7-1.el9.x86_64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.aarch64", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.i686", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.ppc64le", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.s390x", "CRB-9.5.0.GA:libwinpr-devel-2:2.11.7-1.el9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "freerdp: out-of-bounds read", }, ], }
gsd-2024-32039
Vulnerability from gsd
Modified
2024-04-11 05:03
Details
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to integer overflow and out-of-bounds write. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use `/gfx` options (e.g. deactivate with `/bpp:32` or `/rfx` as it is on by default).
Aliases
{ gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2024-32039", ], details: "FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to integer overflow and out-of-bounds write. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use `/gfx` options (e.g. deactivate with `/bpp:32` or `/rfx` as it is on by default).", id: "GSD-2024-32039", modified: "2024-04-11T05:03:19.001563Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2024-32039", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "FreeRDP", version: { version_data: [ { version_affected: "=", version_value: ">= 3.0.0, 3.5.0", }, { version_affected: "=", version_value: "< 2.11.6", }, ], }, }, ], }, vendor_name: "FreeRDP", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to integer overflow and out-of-bounds write. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use `/gfx` options (e.g. deactivate with `/bpp:32` or `/rfx` as it is on by default).", }, ], }, impact: { cvss: [ { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, ], }, problemtype: { problemtype_data: [ { description: [ { cweId: "CWE-190", lang: "eng", value: "CWE-190: Integer Overflow or Wraparound", }, ], }, { description: [ { cweId: "CWE-787", lang: "eng", value: "CWE-787: Out-of-bounds Write", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5h8-7j42-j4r9", refsource: "MISC", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5h8-7j42-j4r9", }, { name: "https://github.com/FreeRDP/FreeRDP/pull/10077", refsource: "MISC", url: "https://github.com/FreeRDP/FreeRDP/pull/10077", }, { name: "https://github.com/FreeRDP/FreeRDP/releases/tag/2.11.6", refsource: "MISC", url: "https://github.com/FreeRDP/FreeRDP/releases/tag/2.11.6", }, { name: "https://github.com/FreeRDP/FreeRDP/releases/tag/3.5.0", refsource: "MISC", url: "https://github.com/FreeRDP/FreeRDP/releases/tag/3.5.0", }, ], }, source: { advisory: "GHSA-q5h8-7j42-j4r9", discovery: "UNKNOWN", }, }, "nvd.nist.gov": { cve: { descriptions: [ { lang: "en", value: "FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to integer overflow and out-of-bounds write. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use `/gfx` options (e.g. deactivate with `/bpp:32` or `/rfx` as it is on by default).", }, { lang: "es", value: "FreeRDP es una implementación gratuita del protocolo de escritorio remoto. Los clientes basados en FreeRDP que utilizan una versión de FreeRDP anterior a la 3.5.0 o 2.11.6 son vulnerables al desbordamiento de enteros y a la escritura fuera de los límites. Las versiones 3.5.0 y 2.11.6 solucionan el problema. Como workaround, no utilice las opciones `/gfx` (por ejemplo, desactívelas con `/bpp:32` o `/rfx`, ya que están activadas de forma predeterminada).", }, ], id: "CVE-2024-32039", lastModified: "2024-04-23T12:52:26.253", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "security-advisories@github.com", type: "Secondary", }, ], }, published: "2024-04-22T21:15:49.090", references: [ { source: "security-advisories@github.com", url: "https://github.com/FreeRDP/FreeRDP/pull/10077", }, { source: "security-advisories@github.com", url: "https://github.com/FreeRDP/FreeRDP/releases/tag/2.11.6", }, { source: "security-advisories@github.com", url: "https://github.com/FreeRDP/FreeRDP/releases/tag/3.5.0", }, { source: "security-advisories@github.com", url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5h8-7j42-j4r9", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Awaiting Analysis", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, { lang: "en", value: "CWE-787", }, ], source: "security-advisories@github.com", type: "Secondary", }, ], }, }, }, }
wid-sec-w-2024-0905
Vulnerability from csaf_certbund
Published
2024-04-16 22:00
Modified
2024-11-18 23:00
Summary
FreeRDP: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
FreeRDP ist eine freie Implementierung des Remote Desktop Protocol (RDP).
Angriff
Ein Angreifer kann mehrere Schwachstellen in FreeRDP ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.
Betroffene Betriebssysteme
- Sonstiges
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "FreeRDP ist eine freie Implementierung des Remote Desktop Protocol (RDP).", title: "Produktbeschreibung", }, { category: "summary", text: "Ein Angreifer kann mehrere Schwachstellen in FreeRDP ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.", title: "Angriff", }, { category: "general", text: "- Sonstiges", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-0905 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0905.json", }, { category: "self", summary: "WID-SEC-2024-0905 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0905", }, { category: "external", summary: "FreeRDP minor release vom 2024-04-16", url: "https://www.freerdp.com/2024/04/16/3_5_0-release", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2024-050266DC33 vom 2024-04-17", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-050266dc33", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2024-1B11432D52 vom 2024-04-23", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-1b11432d52", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2024-982A7184E0 vom 2024-04-23", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-982a7184e0", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2024-C702EA0FB1 vom 2024-04-23", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-c702ea0fb1", }, { category: "external", summary: "Ubuntu Security Notice USN-6749-1 vom 2024-04-24", url: "https://ubuntu.com/security/notices/USN-6749-1", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:1610-1 vom 2024-05-11", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/VPTWVBD3OLCPCVVLQRAJACJYM2LIQFLF/", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:1609-1 vom 2024-05-10", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018508.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:9092 vom 2024-11-12", url: "https://access.redhat.com/errata/RHSA-2024:9092", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-9092 vom 2024-11-19", url: "https://linux.oracle.com/errata/ELSA-2024-9092.html", }, ], source_lang: "en-US", title: "FreeRDP: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff", tracking: { current_release_date: "2024-11-18T23:00:00.000+00:00", generator: { date: "2024-11-19T10:05:13.111+00:00", engine: { name: "BSI-WID", version: "1.3.8", }, }, id: "WID-SEC-W-2024-0905", initial_release_date: "2024-04-16T22:00:00.000+00:00", revision_history: [ { date: "2024-04-16T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2024-04-22T22:00:00.000+00:00", number: "2", summary: "Neue Updates von Fedora aufgenommen", }, { date: "2024-04-24T22:00:00.000+00:00", number: "3", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2024-05-12T22:00:00.000+00:00", number: "4", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-11-11T23:00:00.000+00:00", number: "5", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-11-18T23:00:00.000+00:00", number: "6", summary: "Neue Updates von Oracle Linux aufgenommen", }, ], status: "final", version: "6", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Fedora Linux", product: { name: "Fedora Linux", product_id: "74185", product_identification_helper: { cpe: "cpe:/o:fedoraproject:fedora:-", }, }, }, ], category: "vendor", name: "Fedora", }, { branches: [ { branches: [ { category: "product_version_range", name: "<3.5.0", product: { name: "Open Source FreeRDP <3.5.0", product_id: "T034276", }, }, { category: "product_version", name: "3.5.0", product: { name: "Open Source FreeRDP 3.5.0", product_id: "T034276-fixed", product_identification_helper: { cpe: "cpe:/a:freerdp:freerdp:3.5.0", }, }, }, ], category: "product_name", name: "FreeRDP", }, ], category: "vendor", name: "Open Source", }, { branches: [ { category: "product_name", name: "Oracle Linux", product: { name: "Oracle Linux", product_id: "T039238", product_identification_helper: { cpe: "cpe:/o:oracle:linux:-", }, }, }, ], category: "vendor", name: "Oracle", }, { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, ], category: "vendor", name: "Red Hat", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, ], category: "vendor", name: "SUSE", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, ], }, vulnerabilities: [ { cve: "CVE-2024-32039", notes: [ { category: "description", text: "In FreeRDP existieren mehrere Schwachstellen, die bisher noch nicht im Detail beschrieben und veröffentlicht wurden. Die Fehler bestehen aufgrund von mehreren OutOfBound Reads, einem Integer-Überlauf, einem Integer-Unterlauf und einem OutOfBound Read. Die betroffenen Komponenten sind zgfx_decompress_segment, clear_decompress_residual_data, nsc_rle_decode, planar_skip_plane_rle, ncrush_decompress und interleaved_decompress. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "67646", "T000126", "T039238", "74185", "T034276", ], }, release_date: "2024-04-16T22:00:00.000+00:00", title: "CVE-2024-32039", }, { cve: "CVE-2024-32040", notes: [ { category: "description", text: "In FreeRDP existieren mehrere Schwachstellen, die bisher noch nicht im Detail beschrieben und veröffentlicht wurden. Die Fehler bestehen aufgrund von mehreren OutOfBound Reads, einem Integer-Überlauf, einem Integer-Unterlauf und einem OutOfBound Read. Die betroffenen Komponenten sind zgfx_decompress_segment, clear_decompress_residual_data, nsc_rle_decode, planar_skip_plane_rle, ncrush_decompress und interleaved_decompress. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "67646", "T000126", "T039238", "74185", "T034276", ], }, release_date: "2024-04-16T22:00:00.000+00:00", title: "CVE-2024-32040", }, { cve: "CVE-2024-32041", notes: [ { category: "description", text: "In FreeRDP existieren mehrere Schwachstellen, die bisher noch nicht im Detail beschrieben und veröffentlicht wurden. Die Fehler bestehen aufgrund von mehreren OutOfBound Reads, einem Integer-Überlauf, einem Integer-Unterlauf und einem OutOfBound Read. Die betroffenen Komponenten sind zgfx_decompress_segment, clear_decompress_residual_data, nsc_rle_decode, planar_skip_plane_rle, ncrush_decompress und interleaved_decompress. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "67646", "T000126", "T039238", "74185", "T034276", ], }, release_date: "2024-04-16T22:00:00.000+00:00", title: "CVE-2024-32041", }, { cve: "CVE-2024-32458", notes: [ { category: "description", text: "In FreeRDP existieren mehrere Schwachstellen, die bisher noch nicht im Detail beschrieben und veröffentlicht wurden. Die Fehler bestehen aufgrund von mehreren OutOfBound Reads, einem Integer-Überlauf, einem Integer-Unterlauf und einem OutOfBound Read. Die betroffenen Komponenten sind zgfx_decompress_segment, clear_decompress_residual_data, nsc_rle_decode, planar_skip_plane_rle, ncrush_decompress und interleaved_decompress. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "67646", "T000126", "T039238", "74185", "T034276", ], }, release_date: "2024-04-16T22:00:00.000+00:00", title: "CVE-2024-32458", }, { cve: "CVE-2024-32459", notes: [ { category: "description", text: "In FreeRDP existieren mehrere Schwachstellen, die bisher noch nicht im Detail beschrieben und veröffentlicht wurden. Die Fehler bestehen aufgrund von mehreren OutOfBound Reads, einem Integer-Überlauf, einem Integer-Unterlauf und einem OutOfBound Read. Die betroffenen Komponenten sind zgfx_decompress_segment, clear_decompress_residual_data, nsc_rle_decode, planar_skip_plane_rle, ncrush_decompress und interleaved_decompress. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "67646", "T000126", "T039238", "74185", "T034276", ], }, release_date: "2024-04-16T22:00:00.000+00:00", title: "CVE-2024-32459", }, { cve: "CVE-2024-32460", notes: [ { category: "description", text: "In FreeRDP existieren mehrere Schwachstellen, die bisher noch nicht im Detail beschrieben und veröffentlicht wurden. Die Fehler bestehen aufgrund von mehreren OutOfBound Reads, einem Integer-Überlauf, einem Integer-Unterlauf und einem OutOfBound Read. Die betroffenen Komponenten sind zgfx_decompress_segment, clear_decompress_residual_data, nsc_rle_decode, planar_skip_plane_rle, ncrush_decompress und interleaved_decompress. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "67646", "T000126", "T039238", "74185", "T034276", ], }, release_date: "2024-04-16T22:00:00.000+00:00", title: "CVE-2024-32460", }, ], }
WID-SEC-W-2024-0905
Vulnerability from csaf_certbund
Published
2024-04-16 22:00
Modified
2024-11-18 23:00
Summary
FreeRDP: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
FreeRDP ist eine freie Implementierung des Remote Desktop Protocol (RDP).
Angriff
Ein Angreifer kann mehrere Schwachstellen in FreeRDP ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.
Betroffene Betriebssysteme
- Sonstiges
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "FreeRDP ist eine freie Implementierung des Remote Desktop Protocol (RDP).", title: "Produktbeschreibung", }, { category: "summary", text: "Ein Angreifer kann mehrere Schwachstellen in FreeRDP ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.", title: "Angriff", }, { category: "general", text: "- Sonstiges", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-0905 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0905.json", }, { category: "self", summary: "WID-SEC-2024-0905 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0905", }, { category: "external", summary: "FreeRDP minor release vom 2024-04-16", url: "https://www.freerdp.com/2024/04/16/3_5_0-release", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2024-050266DC33 vom 2024-04-17", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-050266dc33", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2024-1B11432D52 vom 2024-04-23", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-1b11432d52", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2024-982A7184E0 vom 2024-04-23", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-982a7184e0", }, { category: "external", summary: "Fedora Security Advisory FEDORA-2024-C702EA0FB1 vom 2024-04-23", url: "https://bodhi.fedoraproject.org/updates/FEDORA-2024-c702ea0fb1", }, { category: "external", summary: "Ubuntu Security Notice USN-6749-1 vom 2024-04-24", url: "https://ubuntu.com/security/notices/USN-6749-1", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:1610-1 vom 2024-05-11", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/VPTWVBD3OLCPCVVLQRAJACJYM2LIQFLF/", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2024:1609-1 vom 2024-05-10", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-May/018508.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:9092 vom 2024-11-12", url: "https://access.redhat.com/errata/RHSA-2024:9092", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2024-9092 vom 2024-11-19", url: "https://linux.oracle.com/errata/ELSA-2024-9092.html", }, ], source_lang: "en-US", title: "FreeRDP: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff", tracking: { current_release_date: "2024-11-18T23:00:00.000+00:00", generator: { date: "2024-11-19T10:05:13.111+00:00", engine: { name: "BSI-WID", version: "1.3.8", }, }, id: "WID-SEC-W-2024-0905", initial_release_date: "2024-04-16T22:00:00.000+00:00", revision_history: [ { date: "2024-04-16T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2024-04-22T22:00:00.000+00:00", number: "2", summary: "Neue Updates von Fedora aufgenommen", }, { date: "2024-04-24T22:00:00.000+00:00", number: "3", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2024-05-12T22:00:00.000+00:00", number: "4", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-11-11T23:00:00.000+00:00", number: "5", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-11-18T23:00:00.000+00:00", number: "6", summary: "Neue Updates von Oracle Linux aufgenommen", }, ], status: "final", version: "6", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Fedora Linux", product: { name: "Fedora Linux", product_id: "74185", product_identification_helper: { cpe: "cpe:/o:fedoraproject:fedora:-", }, }, }, ], category: "vendor", name: "Fedora", }, { branches: [ { branches: [ { category: "product_version_range", name: "<3.5.0", product: { name: "Open Source FreeRDP <3.5.0", product_id: "T034276", }, }, { category: "product_version", name: "3.5.0", product: { name: "Open Source FreeRDP 3.5.0", product_id: "T034276-fixed", product_identification_helper: { cpe: "cpe:/a:freerdp:freerdp:3.5.0", }, }, }, ], category: "product_name", name: "FreeRDP", }, ], category: "vendor", name: "Open Source", }, { branches: [ { category: "product_name", name: "Oracle Linux", product: { name: "Oracle Linux", product_id: "T039238", product_identification_helper: { cpe: "cpe:/o:oracle:linux:-", }, }, }, ], category: "vendor", name: "Oracle", }, { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, ], category: "vendor", name: "Red Hat", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, ], category: "vendor", name: "SUSE", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, ], }, vulnerabilities: [ { cve: "CVE-2024-32039", notes: [ { category: "description", text: "In FreeRDP existieren mehrere Schwachstellen, die bisher noch nicht im Detail beschrieben und veröffentlicht wurden. Die Fehler bestehen aufgrund von mehreren OutOfBound Reads, einem Integer-Überlauf, einem Integer-Unterlauf und einem OutOfBound Read. Die betroffenen Komponenten sind zgfx_decompress_segment, clear_decompress_residual_data, nsc_rle_decode, planar_skip_plane_rle, ncrush_decompress und interleaved_decompress. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "67646", "T000126", "T039238", "74185", "T034276", ], }, release_date: "2024-04-16T22:00:00.000+00:00", title: "CVE-2024-32039", }, { cve: "CVE-2024-32040", notes: [ { category: "description", text: "In FreeRDP existieren mehrere Schwachstellen, die bisher noch nicht im Detail beschrieben und veröffentlicht wurden. Die Fehler bestehen aufgrund von mehreren OutOfBound Reads, einem Integer-Überlauf, einem Integer-Unterlauf und einem OutOfBound Read. Die betroffenen Komponenten sind zgfx_decompress_segment, clear_decompress_residual_data, nsc_rle_decode, planar_skip_plane_rle, ncrush_decompress und interleaved_decompress. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "67646", "T000126", "T039238", "74185", "T034276", ], }, release_date: "2024-04-16T22:00:00.000+00:00", title: "CVE-2024-32040", }, { cve: "CVE-2024-32041", notes: [ { category: "description", text: "In FreeRDP existieren mehrere Schwachstellen, die bisher noch nicht im Detail beschrieben und veröffentlicht wurden. Die Fehler bestehen aufgrund von mehreren OutOfBound Reads, einem Integer-Überlauf, einem Integer-Unterlauf und einem OutOfBound Read. Die betroffenen Komponenten sind zgfx_decompress_segment, clear_decompress_residual_data, nsc_rle_decode, planar_skip_plane_rle, ncrush_decompress und interleaved_decompress. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "67646", "T000126", "T039238", "74185", "T034276", ], }, release_date: "2024-04-16T22:00:00.000+00:00", title: "CVE-2024-32041", }, { cve: "CVE-2024-32458", notes: [ { category: "description", text: "In FreeRDP existieren mehrere Schwachstellen, die bisher noch nicht im Detail beschrieben und veröffentlicht wurden. Die Fehler bestehen aufgrund von mehreren OutOfBound Reads, einem Integer-Überlauf, einem Integer-Unterlauf und einem OutOfBound Read. Die betroffenen Komponenten sind zgfx_decompress_segment, clear_decompress_residual_data, nsc_rle_decode, planar_skip_plane_rle, ncrush_decompress und interleaved_decompress. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "67646", "T000126", "T039238", "74185", "T034276", ], }, release_date: "2024-04-16T22:00:00.000+00:00", title: "CVE-2024-32458", }, { cve: "CVE-2024-32459", notes: [ { category: "description", text: "In FreeRDP existieren mehrere Schwachstellen, die bisher noch nicht im Detail beschrieben und veröffentlicht wurden. Die Fehler bestehen aufgrund von mehreren OutOfBound Reads, einem Integer-Überlauf, einem Integer-Unterlauf und einem OutOfBound Read. Die betroffenen Komponenten sind zgfx_decompress_segment, clear_decompress_residual_data, nsc_rle_decode, planar_skip_plane_rle, ncrush_decompress und interleaved_decompress. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "67646", "T000126", "T039238", "74185", "T034276", ], }, release_date: "2024-04-16T22:00:00.000+00:00", title: "CVE-2024-32459", }, { cve: "CVE-2024-32460", notes: [ { category: "description", text: "In FreeRDP existieren mehrere Schwachstellen, die bisher noch nicht im Detail beschrieben und veröffentlicht wurden. Die Fehler bestehen aufgrund von mehreren OutOfBound Reads, einem Integer-Überlauf, einem Integer-Unterlauf und einem OutOfBound Read. Die betroffenen Komponenten sind zgfx_decompress_segment, clear_decompress_residual_data, nsc_rle_decode, planar_skip_plane_rle, ncrush_decompress und interleaved_decompress. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht spezifizierte Auswirkungen zu verursachen.", }, ], product_status: { known_affected: [ "T002207", "67646", "T000126", "T039238", "74185", "T034276", ], }, release_date: "2024-04-16T22:00:00.000+00:00", title: "CVE-2024-32460", }, ], }
fkie_cve-2024-32039
Vulnerability from fkie_nvd
Published
2024-04-22 21:15
Modified
2025-02-04 18:03
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to integer overflow and out-of-bounds write. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use `/gfx` options (e.g. deactivate with `/bpp:32` or `/rfx` as it is on by default).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freerdp | freerdp | * | |
| freerdp | freerdp | * | |
| fedoraproject | fedora | 38 | |
| fedoraproject | fedora | 39 | |
| fedoraproject | fedora | 40 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:*", matchCriteriaId: "A06F0ED6-48DC-4E9B-9E9E-125F0CDA1713", versionEndExcluding: "2.11.6", vulnerable: true, }, { criteria: "cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:*", matchCriteriaId: "B6405F0F-2842-4B56-9497-B6134BD3BD32", versionEndExcluding: "3.5.0", versionStartIncluding: "3.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", matchCriteriaId: "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", matchCriteriaId: "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*", matchCriteriaId: "CA277A6C-83EC-4536-9125-97B84C4FAF59", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to integer overflow and out-of-bounds write. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use `/gfx` options (e.g. deactivate with `/bpp:32` or `/rfx` as it is on by default).", }, { lang: "es", value: "FreeRDP es una implementación gratuita del protocolo de escritorio remoto. Los clientes basados en FreeRDP que utilizan una versión de FreeRDP anterior a la 3.5.0 o 2.11.6 son vulnerables al desbordamiento de enteros y a la escritura fuera de los límites. Las versiones 3.5.0 y 2.11.6 solucionan el problema. Como workaround, no utilice las opciones `/gfx` (por ejemplo, desactívelas con `/bpp:32` o `/rfx`, ya que están activadas de forma predeterminada).", }, ], id: "CVE-2024-32039", lastModified: "2025-02-04T18:03:30.070", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-04-22T21:15:49.090", references: [ { source: "security-advisories@github.com", tags: [ "Issue Tracking", ], url: "https://github.com/FreeRDP/FreeRDP/pull/10077", }, { source: "security-advisories@github.com", tags: [ "Release Notes", ], url: "https://github.com/FreeRDP/FreeRDP/releases/tag/2.11.6", }, { source: "security-advisories@github.com", tags: [ "Release Notes", ], url: "https://github.com/FreeRDP/FreeRDP/releases/tag/3.5.0", }, { source: "security-advisories@github.com", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5h8-7j42-j4r9", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JL476WVJSIE7SBUKVJRVA6A52V2HOLZ/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7SIS6NUNLUBOV4CPCSWKDE6T6C2W3WTR/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PX3U6YPZQ7PEJBVKSBUOLWVH7DHROHY5/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKI4UISUXYNBPN4K6TIQKDRTIJ6CDCKJ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/FreeRDP/FreeRDP/pull/10077", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/FreeRDP/FreeRDP/releases/tag/2.11.6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/FreeRDP/FreeRDP/releases/tag/3.5.0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5h8-7j42-j4r9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JL476WVJSIE7SBUKVJRVA6A52V2HOLZ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7SIS6NUNLUBOV4CPCSWKDE6T6C2W3WTR/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PX3U6YPZQ7PEJBVKSBUOLWVH7DHROHY5/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKI4UISUXYNBPN4K6TIQKDRTIJ6CDCKJ/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, { lang: "en", value: "CWE-787", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-190", }, { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.