freerdp-2.2.0-7.el8
Errata ID: AXSA:2021-2822:04
Release date:
2021/12/21 Tuesday - 06:07
Title:
freerdp-2.2.0-7.el8
Affected channels:
Asianux Server 8 for x86_64
Severity:
High
Description:
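The following issues have been addressed.
[Security Fix]
- FreeRDP clients that use gateway connections (`/gt:rpc`) fail to validate input data, which allows a malicious gateway to cause an out-of-bounds write in client memory. As a workaround, connect with `/gt:http` instead of `/gt:rdp`, or connect directly without a gateway. (CVE-2021-41159)
- FreeRDP clients do not perform bounds checks on graphics update requests from a malicious server on connections that use GDI or SurfaceCommands, so a server that sends a specially crafted update region to the client can cause writes outside the allocated region. (CVE-2021-41160)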
Solution:
Update the packages.
CVE:
CVE-2021-41159
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. All FreeRDP clients prior to version 2.4.1 using gateway connections (`/gt:rpc`) fail to validate input data. A malicious gateway might allow client memory to be written out of bounds. This issue has been resolved in version 2.4.1. If you are unable to update then use `/gt:http` rather than `/gt:rdp` connections if possible or use a direct connection without a gateway.
CVE-2021-41160
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server might trigger out of bound writes in a connected client. Connections using GDI or SurfaceCommands to send graphics updates to the client might send `0` width/height or out of bound rectangles to trigger out of bound writes. With `0` width or height the memory allocation will be `0` but the missing bounds checks allow writing to the pointer at this (not allocated) region. This issue has been patched in FreeRDP 2.4.1.
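The kind of check whose absence CVE-2021-41160 describes, as an added example (not FreeRDP's code or its patch): a client validates a server-supplied update rectangle, including `0` width/height and wrap-around, before any write. `surface_t`, `surface_init`, `rect_in_bounds` and `surface_fill` are hypothetical names introduced for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical 32-bpp client surface; not a FreeRDP structure. */
typedef struct {
    uint32_t width, height; /* in pixels */
    uint32_t *pixels;       /* width * height entries, NULL if unallocated */
} surface_t;

/* Allocate a surface, refusing zero-sized or overflowing dimensions. */
bool surface_init(surface_t *s, uint32_t w, uint32_t h)
{
    *s = (surface_t){0, 0, NULL};
    if (w == 0 || h == 0 || w > SIZE_MAX / sizeof(uint32_t) / h)
        return false;
    s->pixels = calloc((size_t)w * h, sizeof(uint32_t));
    s->width = s->pixels ? w : 0;
    s->height = s->pixels ? h : 0;
    return s->pixels != NULL;
}

/* Rectangle must lie fully inside the surface; subtraction avoids x + w wrap-around. */
bool rect_in_bounds(const surface_t *s, uint32_t x, uint32_t y, uint32_t w, uint32_t h)
{
    return s->pixels && w != 0 && h != 0 &&
           x < s->width && w <= s->width - x && y < s->height && h <= s->height - y;
}

/* Apply a fill update; untrusted coordinates are validated before any write. */
bool surface_fill(surface_t *s, uint32_t x, uint32_t y, uint32_t w, uint32_t h, uint32_t color)
{
    if (!rect_in_bounds(s, x, y, w, h))
        return false;
    for (uint32_t row = y; row < y + h; row++)
        for (uint32_t col = x; col < x + w; col++)
            s->pixels[(size_t)row * s->width + col] = color;
    return true;
}

int main(void)
{
    surface_t s; /* constructed updates: valid, zero-width, out of bounds */
    if (!surface_init(&s, 64, 32)) return 1;
    printf("%d %d %d\n", surface_fill(&s, 0, 0, 64, 32, 1),
           surface_fill(&s, 0, 0, 0, 8, 1), surface_fill(&s, 60, 0, 8, 8, 1));
    free(s.pixels);
    return 0;
}
```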
Additional information:
N/A
Download:
SRPMS
- freerdp-2.2.0-7.el8.src.rpm
MD5: c3307bae6756915e3dc162405ee7c7c7
SHA-256: eb0d89c2a8aa2bc2cbe0c98f30972ce1470b35921fb1a503c01b851d3caa7cd1
Size: 6.56 MB
Asianux Server 8 for x86_64
- freerdp-2.2.0-7.el8.x86_64.rpm
MD5: c38a1485dade8cb02b8a474e385b0918
SHA-256: 11379c9435ac56163c13fb0ae7fff5232a6f01cfe500ee62b93ea5e232517329
Size: 111.75 kB
- freerdp-devel-2.2.0-7.el8.x86_64.rpm
MD5: ea29adeab821ab4c5d7b7ce0468d9ead
SHA-256: b0f6ea027c00b529487b6bc46e6509d1934ab8257d04f0adee1cbec9808edf57
Size: 137.21 kB
- freerdp-libs-2.2.0-7.el8.x86_64.rpm
MD5: e45d006d8a9dab236cf1115a3ebdfcc3
SHA-256: 81e50c96fb7494f78d9fbe2f174a391dd494a125f12d0d1bb365bd8445979cc2
Size: 890.53 kB
- libwinpr-2.2.0-7.el8.x86_64.rpm
MD5: fa578004b1f9153e48f1e7f1c4426148
SHA-256: 001254faf89d7a56f158af944cb734c8f41e8c9837b8c629cec6b9010e66523c
Size: 356.07 kB
- libwinpr-devel-2.2.0-7.el8.x86_64.rpm
MD5: a5adba0102b069142fe41e2dea175460
SHA-256: 4fe57b17b833c2d01103ba9d80513397fbb9d0205235c5dda914d6137fe43ae9
Size: 172.30 kB
- freerdp-devel-2.2.0-7.el8.i686.rpm
MD5: 8207055c96a7c8c889b095e7d2df168d
SHA-256: a71fa63376dfdd10f09415af6187c03dc13b29801e703ac88b76982f399495ee
Size: 137.21 kB
- freerdp-libs-2.2.0-7.el8.i686.rpm
MD5: e9a0fde157d486084c00d2ae74dc044d
SHA-256: 46e7426f8bed65775c1558a13414c0e6e8f0440da3d177618bcd0f8731c17a82
Size: 840.80 kB
- libwinpr-2.2.0-7.el8.i686.rpm
MD5: 4d09a790bdd76ac1205182db1c89ab9a
SHA-256: 0786f66928c8204ea618a803dded137241466619c9e5c28024ecf702f4159bf7
Size: 342.05 kB
- libwinpr-devel-2.2.0-7.el8.i686.rpm
MD5: 7c03f81a41b03f2b3e61301371ec471e
SHA-256: 92e4cbbfe586b8d430fdb82cea779748f1992921d7619c34ae7a83fa7e4f3c88
Size: 172.32 kB