freerdp-2.11.7-7.el8_10
Errata ID: AXSA:2026-478:16
Release date:
2026/04/21 Tuesday - 15:26
Title:
freerdp-2.11.7-7.el8_10
Affected channels:
Asianux Server 8 for x86_64
Severity:
High
Description:
The following issues have been addressed.
[Security Fix]
- FreeRDP contains an integer overflow issue that allows a remote
attacker to cause a denial of service (DoS). (CVE-2026-33983)
- FreeRDP contains a flaw in its buffer size calculation that allows
a remote attacker to execute arbitrary code. (CVE-2026-33984)
Solution:
Update the packages.
CVE:
CVE-2026-33983
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, progressive_decompress_tile_upgrade() detects a mismatch via progressive_rfx_quant_cmp_equal() but only emits WLog_WARN, and execution continues. The wrapped value (247) is used as a shift exponent, causing undefined behavior and an approximately 80 billion iteration loop (CPU DoS). This issue has been patched in version 3.24.2.
CVE-2026-33984
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in resize_vbar_entry() in libfreerdp/codec/clear.c, vBarEntry->size is updated to vBarEntry->count before the winpr_aligned_recalloc() call. If realloc fails, size is inflated while pixels still points to the old, smaller buffer. On a subsequent call where count <= size (the inflated value), realloc is skipped. The caller then writes count * bpp bytes of attacker-controlled pixel data into the undersized buffer, causing a heap buffer overflow. This issue has been patched in version 3.24.2.
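The ordering problem described for CVE-2026-33984, as an added C example (not FreeRDP's code and not part of the original advisory). `bar_entry`, `grow`, `fail_next_alloc` and both resize functions are hypothetical stand-ins, the allocation failure is simulated, and the hardened ordering is one way to avoid the inflated size, not necessarily the upstream patch.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-in for a cached pixel column; not FreeRDP's own struct. */
typedef struct { uint32_t size, count; uint8_t *pixels; size_t real_bytes; } bar_entry;
static int fail_next_alloc; /* demo hook: force one allocation failure */

static int grow(bar_entry *e, size_t bytes) {
    void *tmp = fail_next_alloc ? NULL : realloc(e->pixels, bytes);
    fail_next_alloc = 0;
    if (!tmp) return 0;          /* old buffer is still valid and unchanged */
    e->pixels = tmp;
    e->real_bytes = bytes;       /* ground truth, kept only for this demo */
    return 1;
}

/* Ordering the advisory describes: capacity recorded before the allocation. */
static int resize_before_fix(bar_entry *e, uint32_t bpp) {
    if (e->count > e->size) {
        e->size = e->count;      /* too early: stays inflated if grow() fails */
        return grow(e, (size_t)e->count * bpp);
    }
    return 1;
}

/* Hardened ordering: capacity recorded only after the allocation succeeded. */
static int resize_hardened(bar_entry *e, uint32_t bpp) {
    if (e->count > e->size) {
        if (!grow(e, (size_t)e->count * bpp)) return 0;
        e->size = e->count;
    }
    return 1;
}

/* Failed grow from 4 to 64 pixels, then a retry; 1 if size is backed by memory. */
static int capacity_is_backed(int (*resize)(bar_entry *, uint32_t)) {
    const uint32_t bpp = 4;
    bar_entry e = { 4, 64, malloc(4 * bpp), 4 * bpp };  /* constructed sample */
    fail_next_alloc = 1;
    resize(&e, bpp);             /* fails under simulated memory pressure */
    resize(&e, bpp);             /* retry: the early-update version skips realloc */
    int backed = (size_t)e.size * bpp <= e.real_bytes;
    free(e.pixels);
    return backed;
}

int main(void) {
    printf("before fix backed=%d, hardened backed=%d\n", capacity_is_backed(resize_before_fix), capacity_is_backed(resize_hardened));
}
```

With the early update, the retry reports success while the recorded capacity (64 pixels) exceeds the 16 bytes actually allocated, which is the state in which a caller's `count * bpp` write would overrun the buffer.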
Additional information:
N/A
Download:
SRPMS
- freerdp-2.11.7-7.el8_10.src.rpm
MD5: de1fdf199fa964514ee74518d5f7ea53
SHA-256: a1dabaad6e48c947e028a1946b15ba00815b25d78c533ea7b828c92b51b507fc
Size: 7.03 MB
Asianux Server 8 for x86_64
- freerdp-2.11.7-7.el8_10.x86_64.rpm
MD5: ffc9564707e7633d6c6ecf4b7028e6a0
SHA-256: b95d59452eece334478de12fa0aa74a5eb969acc77e08f44d09ca910109ddd8e
Size: 118.22 kB
- freerdp-devel-2.11.7-7.el8_10.i686.rpm
MD5: 887c060f73e0ab8326c03aa725533063
SHA-256: c38daf0b802194c90bf26cb458b9c5e354f0389c9bb3f8923b79f1330fd4370c
Size: 147.49 kB
- freerdp-devel-2.11.7-7.el8_10.x86_64.rpm
MD5: 6cf26b2b675184cba97fdaeec0b09be5
SHA-256: dcc54715bf07c08fb4a054206ec573d2d37aae3101fbffb7bfa3a7b2727a19d4
Size: 147.51 kB
- freerdp-libs-2.11.7-7.el8_10.i686.rpm
MD5: 935051e642fafedf2d63635d19c7be01
SHA-256: 78794a2b138e762e7925f346b8bd3eda27b9f1925660f8b1707a8ae9379d6cbe
Size: 877.18 kB
- freerdp-libs-2.11.7-7.el8_10.x86_64.rpm
MD5: f4fc77b0e27c2d42cf33356ec101e914
SHA-256: a43394472e2888665fd1c5e2e8d72ba6fe203cc2ed958c96e2b81ce17b32ac90
Size: 929.95 kB
- libwinpr-2.11.7-7.el8_10.i686.rpm
MD5: 4db4613a721921b2dca28612b17f7d22
SHA-256: 9653fb041fac68478718a4eea7e3d9d7c621fa83b8ba7b2f20986a62e75187b7
Size: 362.30 kB
- libwinpr-2.11.7-7.el8_10.x86_64.rpm
MD5: f667ae89cb55bee4e905dd2b0569b679
SHA-256: b73b7f50a06393384f37615f9da38b610d46ad5598b7404721fdf74b93be5103
Size: 379.04 kB
- libwinpr-devel-2.11.7-7.el8_10.i686.rpm
MD5: 7391d9435b30f2bc58a3abaeeffc86a3
SHA-256: 4ca3b16deacd75520b26a7a35f3ae9613b16f805b026351072350be61b2e91fe
Size: 175.62 kB
- libwinpr-devel-2.11.7-7.el8_10.x86_64.rpm
MD5: 22f78fd834b02c93819676338d2548d2
SHA-256: 1621f0289bf4f6cd043f5923968adc81c6b6b97b0333c2f29bbdaf5ef684f0a2
Size: 175.61 kB