[Bug 1223342] New: Security issus in FreeRDP
![](https://seccdn.libravatar.org/avatar/a895f78a81a109471893519443e4d933.jpg?s=120&d=mm&r=g)
https://bugzilla.suse.com/show_bug.cgi?id=1223342 Bug ID: 1223342 Summary: Security issus in FreeRDP Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.5 Hardware: Other OS: Other Status: NEW Severity: Critical Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: ecsos@schirra.net QA Contact: qa-bugs@suse.de Target Milestone: --- Found By: --- Blocker: --- CVE-2024-32039 CVE-2024-32040 CVE-2024-32041 CVE-2024-32458 CVE-2024-32459 CVE-2024-32460 Request is here: https://build.opensuse.org/request/show/1170000 -- You are receiving this mail because: You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/a895f78a81a109471893519443e4d933.jpg?s=120&d=mm&r=g)
https://bugzilla.suse.com/show_bug.cgi?id=1223342
Marcus Meissner
![](https://seccdn.libravatar.org/avatar/a895f78a81a109471893519443e4d933.jpg?s=120&d=mm&r=g)
https://bugzilla.suse.com/show_bug.cgi?id=1223342
https://bugzilla.suse.com/show_bug.cgi?id=1223342#c1
Carlos López
CVE-2024-32039 bsc#1223293 CVE-2024-32040 bsc#1223294 CVE-2024-32041 bsc#1223295 CVE-2024-32458 bsc#1223296 CVE-2024-32459 bsc#1223297 CVE-2024-32460 bsc#1223298 -- You are receiving this mail because: You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/a895f78a81a109471893519443e4d933.jpg?s=120&d=mm&r=g)
https://bugzilla.suse.com/show_bug.cgi?id=1223342
https://bugzilla.suse.com/show_bug.cgi?id=1223342#c2
--- Comment #2 from Carlos López
![](https://seccdn.libravatar.org/avatar/a895f78a81a109471893519443e4d933.jpg?s=120&d=mm&r=g)
https://bugzilla.suse.com/show_bug.cgi?id=1223342 Bug 1223342 depends on bug 1223298, which changed state. Bug 1223298 Summary: VUL-0: CVE-2024-32460: freerdp: out-of-bounds read when using `/bpp:32` legacy `GDI` drawing path https://bugzilla.suse.com/show_bug.cgi?id=1223298 What |Removed |Added ---------------------------------------------------------------------------- Status|IN_PROGRESS |RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/a895f78a81a109471893519443e4d933.jpg?s=120&d=mm&r=g)
https://bugzilla.suse.com/show_bug.cgi?id=1223342 Bug 1223342 depends on bug 1223298, which changed state. Bug 1223298 Summary: VUL-0: CVE-2024-32460: freerdp: out-of-bounds read when using `/bpp:32` legacy `GDI` drawing path https://bugzilla.suse.com/show_bug.cgi?id=1223298 What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|FIXED |--- -- You are receiving this mail because: You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/a895f78a81a109471893519443e4d933.jpg?s=120&d=mm&r=g)
https://bugzilla.suse.com/show_bug.cgi?id=1223342 Bug 1223342 depends on bug 1223298, which changed state. Bug 1223298 Summary: VUL-0: CVE-2024-32460: freerdp: out-of-bounds read when using `/bpp:32` legacy `GDI` drawing path https://bugzilla.suse.com/show_bug.cgi?id=1223298 What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/a895f78a81a109471893519443e4d933.jpg?s=120&d=mm&r=g)
https://bugzilla.suse.com/show_bug.cgi?id=1223342 Bug 1223342 depends on bug 1223296, which changed state. Bug 1223296 Summary: VUL-0: CVE-2024-32458: freerdp: out-of-bounds read on pSrcData[] https://bugzilla.suse.com/show_bug.cgi?id=1223296 What |Removed |Added ---------------------------------------------------------------------------- Status|IN_PROGRESS |RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/a895f78a81a109471893519443e4d933.jpg?s=120&d=mm&r=g)
https://bugzilla.suse.com/show_bug.cgi?id=1223342 Bug 1223342 depends on bug 1223294, which changed state. Bug 1223294 Summary: VUL-0: CVE-2024-32040: freerdp: integer underflow when using the `NSC` codec https://bugzilla.suse.com/show_bug.cgi?id=1223294 What |Removed |Added ---------------------------------------------------------------------------- Status|IN_PROGRESS |RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/a895f78a81a109471893519443e4d933.jpg?s=120&d=mm&r=g)
https://bugzilla.suse.com/show_bug.cgi?id=1223342 Bug 1223342 depends on bug 1223295, which changed state. Bug 1223295 Summary: VUL-0: CVE-2024-32041: freerdp: out-of-bounds read in Stream_GetRemainingLength() https://bugzilla.suse.com/show_bug.cgi?id=1223295 What |Removed |Added ---------------------------------------------------------------------------- Status|IN_PROGRESS |RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/a895f78a81a109471893519443e4d933.jpg?s=120&d=mm&r=g)
https://bugzilla.suse.com/show_bug.cgi?id=1223342 Bug 1223342 depends on bug 1223293, which changed state. Bug 1223293 Summary: VUL-0: CVE-2024-32039: freerdp: out-of-bounds write with variables of type uint32 https://bugzilla.suse.com/show_bug.cgi?id=1223293 What |Removed |Added ---------------------------------------------------------------------------- Status|IN_PROGRESS |RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/a895f78a81a109471893519443e4d933.jpg?s=120&d=mm&r=g)
https://bugzilla.suse.com/show_bug.cgi?id=1223342 Bug 1223342 depends on bug 1223297, which changed state. Bug 1223297 Summary: VUL-0: CVE-2024-32459: freerdp: out-of-bounds read in case SrcSize less than 4 https://bugzilla.suse.com/show_bug.cgi?id=1223297 What |Removed |Added ---------------------------------------------------------------------------- Status|IN_PROGRESS |RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@suse.com