freerdp-2.1.1-5.el7
Errata ID: AXSA:2021-2542:02
Release date:
2021/11/11 Thursday - 13:01
Title:
freerdp-2.1.1-5.el7
Affected channels:
Asianux Server 7 for x86_64
Severity:
High
Description:
The following issues have been addressed.
[Security Fix]
- FreeRDP clients that use gateway connections (`/gt:rpc`) fail to validate input data, which allows a malicious gateway to cause an out-of-bounds write in client memory. As a workaround, connect using `/gt:http` instead of `/gt:rdp`, or connect directly without a gateway. (CVE-2021-41159)
- FreeRDP clients do not perform bounds checks on graphics update requests from a malicious server on connections that use GDI or SurfaceCommands, so sending a specially crafted update region to the client can cause a write outside the allocated region. (CVE-2021-41160)
Solution:
Update the packages.
CVE:
CVE-2021-41159
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. All FreeRDP clients prior to version 2.4.1 using gateway connections (`/gt:rpc`) fail to validate input data. A malicious gateway might allow client memory to be written out of bounds. This issue has been resolved in version 2.4.1. If you are unable to update then use `/gt:http` rather than `/gt:rdp` connections if possible or use a direct connection without a gateway.
CVE-2021-41160
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server might trigger out-of-bounds writes in a connected client. Connections using GDI or SurfaceCommands to send graphics updates to the client might send `0` width/height or out-of-bounds rectangles to trigger out-of-bounds writes. With `0` width or height the memory allocation will be `0`, but the missing bounds checks allow writing to the pointer at this (not allocated) region. This issue has been patched in FreeRDP 2.4.1.
Additional information:
N/A
Downloads:
SRPMS
- freerdp-2.1.1-5.el7.src.rpm
MD5: 1258ca744233ecf1be767f4cfd189dfb
SHA-256: 8d500ec731b4fbc89583dace0118aeaaae1f748b3ff7d142c09f4e9c276456a5
Size: 6.55 MB
Asianux Server 7 for x86_64
- freerdp-2.1.1-5.el7.x86_64.rpm
MD5: d9bb65d71f553d69e68814287b9c7475
SHA-256: f5f24ce60ad982e8648d5b3cdc1bca54b929c7a5a47eeaea7679db6b122fe802
Size: 104.14 kB
- freerdp-libs-2.1.1-5.el7.x86_64.rpm
MD5: 687e4ef1569c6629bbb750eeba438835
SHA-256: 37f455b80f5643ec20ef233a22d0018733d2a06df747ef77f3c71022ad72c160
Size: 854.73 kB
- libwinpr-2.1.1-5.el7.x86_64.rpm
MD5: 3b5f713736b73ea1aba8f142322152f1
SHA-256: 22512e3a684830ce19bc7b9bcfeb51743f31881992b0e1ea5372da2d40351931
Size: 345.55 kB
- libwinpr-devel-2.1.1-5.el7.x86_64.rpm
MD5: 52205d4b45b52ea34d062b91127ae5d2
SHA-256: 534e92c866a762d958685dcb6947a9779d92644709d9e4a7ca208318ecc727ee
Size: 167.86 kB
- freerdp-libs-2.1.1-5.el7.i686.rpm
MD5: e4c1e0582c1d19ee189548646a91f342
SHA-256: 632f28f26871b9b113f365e74edb8814d9b5f26f0d346a51460af42bfb582348
Size: 811.54 kB
- libwinpr-2.1.1-5.el7.i686.rpm
MD5: d241a8ca187ebcce960cba2f211a0776
SHA-256: c8ea336aa0c9736a62dbf2a96fadb813b1e490721d0f1cab45d3347a767c1f5d
Size: 332.34 kB
- libwinpr-devel-2.1.1-5.el7.i686.rpm
MD5: fae8346e48dcf2a7de7c9ee80bc56aec
SHA-256: a607f93dcd59270872912f5c31aeb1b194b1adeee541ecfc728d42240029f41b
Size: 167.88 kB