Bug#1069752: freerdp3: CVE-2024-32658 CVE-2024-32659 CVE-2024-32660 CVE-2024-32661

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#1069752: freerdp3: CVE-2024-32658 CVE-2024-32659 CVE-2024-32660 CVE-2024-32661
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed, 24 Apr 2024 09:25:49 +0200
Message-id: <[🔎] 171394354989.10791.6111177570847336207.reportbug@eldamar.lan>
Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 1069752@bugs.debian.org

Source: freerdp3
Version: 3.5.0+dfsg1-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>

Hi,

The following vulnerabilities were published for freerdp3.

CVE-2024-32658[0]:
| FreeRDP is a free implementation of the Remote Desktop Protocol.
| FreeRDP based clients prior to version 3.5.1 are vulnerable to out-
| of-bounds read. Version 3.5.1 contains a patch for the issue. No
| known workarounds are available.


CVE-2024-32659[1]:
| FreeRDP is a free implementation of the Remote Desktop Protocol.
| FreeRDP based clients prior to version 3.5.1 are vulnerable to out-
| of-bounds read if `((nWidth == 0) and (nHeight == 0))`. Version
| 3.5.1 contains a patch for the issue. No known workarounds are
| available.


CVE-2024-32660[2]:
| FreeRDP is a free implementation of the Remote Desktop Protocol.
| Prior to version 3.5.1, a malicious server can crash the FreeRDP
| client by sending invalid huge allocation size. Version 3.5.1
| contains a patch for the issue. No known workarounds are available.


CVE-2024-32661[3]:
| FreeRDP is a free implementation of the Remote Desktop Protocol.
| FreeRDP based clients prior to version 3.5.1 are vulnerable to a
| possible `NULL` access and crash. Version 3.5.1 contains a patch for
| the issue. No known workarounds are available.


If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2024-32658
    https://www.cve.org/CVERecord?id=CVE-2024-32658
[1] https://security-tracker.debian.org/tracker/CVE-2024-32659
    https://www.cve.org/CVERecord?id=CVE-2024-32659
[2] https://security-tracker.debian.org/tracker/CVE-2024-32660
    https://www.cve.org/CVERecord?id=CVE-2024-32660
[3] https://security-tracker.debian.org/tracker/CVE-2024-32661
    https://www.cve.org/CVERecord?id=CVE-2024-32661

Regards,
Salvatore

Reply to:

Follow-Ups:
- Bug#1069752: marked as done (freerdp3: CVE-2024-32658 CVE-2024-32659 CVE-2024-32660 CVE-2024-32661)
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>

Prev by Date: Bug#1066337: marked as done (tightvnc: FTBFS: vncconnect.c:17:5: error: implicit declaration of function ‘exit’ [-Werror=implicit-function-declaration])
Next by Date: Bug#1070063: Remmina fails to connect with Windows systems: Protocol Security Negotiation Failure (older release works)
Previous by thread: Bug#1066337: marked as done (tightvnc: FTBFS: vncconnect.c:17:5: error: implicit declaration of function ‘exit’ [-Werror=implicit-function-declaration])
Next by thread: Bug#1069752: marked as done (freerdp3: CVE-2024-32658 CVE-2024-32659 CVE-2024-32660 CVE-2024-32661)
Index(es):
- Date
- Thread