Security update for freerdp SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2023:0399-1 Final 1 1 2023-02-13T15:17:39Z current 2023-02-13T15:17:39Z 2023-02-13T15:17:39Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for freerdp This update for freerdp fixes the following issues: - CVE-2022-39316: Fixed out of bound read in zgfx decoder (bsc#1205512). - CVE-2022-39317: Fixed undefined behaviour in zgfx decoder (bsc#1205512). - CVE-2022-39320: Fixed heap buffer overflow in urbdrc channel (bsc#1205512). - CVE-2022-39347: Fixed missing path sanitation with drive channel (bsc#1205512). - CVE-2022-41877: Fixed missing input length validation in drive channel (bsc#1205512). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2023-399,SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-399,SUSE-SLE-Product-WE-15-SP4-2023-399,openSUSE-SLE-15.4-2023-399 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2023/suse-su-20230399-1/ Link for SUSE-SU-2023:0399-1 https://lists.suse.com/pipermail/sle-security-updates/2023-February/013751.html E-Mail link for SUSE-SU-2023:0399-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1205512 SUSE Bug 1205512 https://www.suse.com/security/cve/CVE-2022-39316/ SUSE CVE CVE-2022-39316 page https://www.suse.com/security/cve/CVE-2022-39317/ SUSE CVE CVE-2022-39317 page https://www.suse.com/security/cve/CVE-2022-39320/ SUSE CVE CVE-2022-39320 page https://www.suse.com/security/cve/CVE-2022-39347/ SUSE CVE CVE-2022-39347 page https://www.suse.com/security/cve/CVE-2022-41877/ SUSE CVE CVE-2022-41877 page SUSE Linux Enterprise Module for Package Hub 15 SP4 SUSE Linux Enterprise Workstation Extension 15 SP4 openSUSE Leap 15.4 freerdp-2.4.0-150400.3.18.1 freerdp-devel-2.4.0-150400.3.18.1 freerdp-proxy-2.4.0-150400.3.18.1 freerdp-server-2.4.0-150400.3.18.1 freerdp-wayland-2.4.0-150400.3.18.1 libfreerdp2-2.4.0-150400.3.18.1 libuwac0-0-2.4.0-150400.3.18.1 libwinpr2-2.4.0-150400.3.18.1 uwac0-0-devel-2.4.0-150400.3.18.1 winpr2-devel-2.4.0-150400.3.18.1 freerdp-2.4.0-150400.3.18.1 as a component of SUSE Linux Enterprise Module for Package Hub 15 SP4 freerdp-devel-2.4.0-150400.3.18.1 as a component of SUSE Linux Enterprise Module for Package Hub 15 SP4 freerdp-proxy-2.4.0-150400.3.18.1 as a component of SUSE Linux Enterprise Module for Package Hub 15 SP4 libfreerdp2-2.4.0-150400.3.18.1 as a component of SUSE Linux Enterprise Module for Package Hub 15 SP4 libwinpr2-2.4.0-150400.3.18.1 as a component of SUSE Linux Enterprise Module for Package Hub 15 SP4 winpr2-devel-2.4.0-150400.3.18.1 as a component of SUSE Linux Enterprise Module for Package Hub 15 SP4 freerdp-2.4.0-150400.3.18.1 as a component of SUSE Linux Enterprise Workstation Extension 15 SP4 freerdp-devel-2.4.0-150400.3.18.1 as a component of SUSE Linux Enterprise Workstation Extension 15 SP4 freerdp-proxy-2.4.0-150400.3.18.1 as a component of SUSE Linux Enterprise Workstation Extension 15 SP4 libfreerdp2-2.4.0-150400.3.18.1 as a component of SUSE Linux Enterprise Workstation Extension 15 SP4 libwinpr2-2.4.0-150400.3.18.1 as a component of SUSE Linux Enterprise Workstation Extension 15 SP4 winpr2-devel-2.4.0-150400.3.18.1 as a component of SUSE Linux Enterprise Workstation Extension 15 SP4 freerdp-2.4.0-150400.3.18.1 as a component of openSUSE Leap 15.4 freerdp-devel-2.4.0-150400.3.18.1 as a component of openSUSE Leap 15.4 freerdp-proxy-2.4.0-150400.3.18.1 as a component of openSUSE Leap 15.4 freerdp-server-2.4.0-150400.3.18.1 as a component of openSUSE Leap 15.4 freerdp-wayland-2.4.0-150400.3.18.1 as a component of openSUSE Leap 15.4 libfreerdp2-2.4.0-150400.3.18.1 as a component of openSUSE Leap 15.4 libuwac0-0-2.4.0-150400.3.18.1 as a component of openSUSE Leap 15.4 libwinpr2-2.4.0-150400.3.18.1 as a component of openSUSE Leap 15.4 uwac0-0-devel-2.4.0-150400.3.18.1 as a component of openSUSE Leap 15.4 winpr2-devel-2.4.0-150400.3.18.1 as a component of openSUSE Leap 15.4 FreeRDP is a free remote desktop protocol library and clients. In affected versions there is an out of bound read in ZGFX decoder component of FreeRDP. A malicious server can trick a FreeRDP based client to read out of bound data and try to decode it likely resulting in a crash. This issue has been addressed in the 2.9.0 release. Users are advised to upgrade. CVE-2022-39316 SUSE Linux Enterprise Module for Package Hub 15 SP4:freerdp-2.4.0-150400.3.18.1 SUSE Linux Enterprise Module for Package Hub 15 SP4:freerdp-devel-2.4.0-150400.3.18.1 SUSE Linux Enterprise Module for Package Hub 15 SP4:freerdp-proxy-2.4.0-150400.3.18.1 SUSE Linux Enterprise Module for Package Hub 15 SP4:libfreerdp2-2.4.0-150400.3.18.1 SUSE Linux Enterprise Module for Package Hub 15 SP4:libwinpr2-2.4.0-150400.3.18.1 SUSE Linux Enterprise Module for Package Hub 15 SP4:winpr2-devel-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:freerdp-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:freerdp-devel-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:freerdp-proxy-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:libfreerdp2-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:libwinpr2-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:winpr2-devel-2.4.0-150400.3.18.1 openSUSE Leap 15.4:freerdp-2.4.0-150400.3.18.1 openSUSE Leap 15.4:freerdp-devel-2.4.0-150400.3.18.1 openSUSE Leap 15.4:freerdp-proxy-2.4.0-150400.3.18.1 openSUSE Leap 15.4:freerdp-server-2.4.0-150400.3.18.1 openSUSE Leap 15.4:freerdp-wayland-2.4.0-150400.3.18.1 openSUSE Leap 15.4:libfreerdp2-2.4.0-150400.3.18.1 openSUSE Leap 15.4:libuwac0-0-2.4.0-150400.3.18.1 openSUSE Leap 15.4:libwinpr2-2.4.0-150400.3.18.1 openSUSE Leap 15.4:uwac0-0-devel-2.4.0-150400.3.18.1 openSUSE Leap 15.4:winpr2-devel-2.4.0-150400.3.18.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20230399-1/ https://www.suse.com/security/cve/CVE-2022-39316.html CVE-2022-39316 https://bugzilla.suse.com/1205512 SUSE Bug 1205512 FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing a range check for input offset index in ZGFX decoder. A malicious server can trick a FreeRDP based client to read out of bound data and try to decode it. This issue has been addressed in version 2.9.0. There are no known workarounds for this issue. CVE-2022-39317 SUSE Linux Enterprise Module for Package Hub 15 SP4:freerdp-2.4.0-150400.3.18.1 SUSE Linux Enterprise Module for Package Hub 15 SP4:freerdp-devel-2.4.0-150400.3.18.1 SUSE Linux Enterprise Module for Package Hub 15 SP4:freerdp-proxy-2.4.0-150400.3.18.1 SUSE Linux Enterprise Module for Package Hub 15 SP4:libfreerdp2-2.4.0-150400.3.18.1 SUSE Linux Enterprise Module for Package Hub 15 SP4:libwinpr2-2.4.0-150400.3.18.1 SUSE Linux Enterprise Module for Package Hub 15 SP4:winpr2-devel-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:freerdp-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:freerdp-devel-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:freerdp-proxy-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:libfreerdp2-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:libwinpr2-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:winpr2-devel-2.4.0-150400.3.18.1 openSUSE Leap 15.4:freerdp-2.4.0-150400.3.18.1 openSUSE Leap 15.4:freerdp-devel-2.4.0-150400.3.18.1 openSUSE Leap 15.4:freerdp-proxy-2.4.0-150400.3.18.1 openSUSE Leap 15.4:freerdp-server-2.4.0-150400.3.18.1 openSUSE Leap 15.4:freerdp-wayland-2.4.0-150400.3.18.1 openSUSE Leap 15.4:libfreerdp2-2.4.0-150400.3.18.1 openSUSE Leap 15.4:libuwac0-0-2.4.0-150400.3.18.1 openSUSE Leap 15.4:libwinpr2-2.4.0-150400.3.18.1 openSUSE Leap 15.4:uwac0-0-devel-2.4.0-150400.3.18.1 openSUSE Leap 15.4:winpr2-devel-2.4.0-150400.3.18.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20230399-1/ https://www.suse.com/security/cve/CVE-2022-39317.html CVE-2022-39317 FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP may attempt integer addition on too narrow types leads to allocation of a buffer too small holding the data written. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. This issue has been addressed in version 2.9.0 and all users are advised to upgrade. Users unable to upgrade should not use the `/usb` redirection switch. CVE-2022-39320 SUSE Linux Enterprise Module for Package Hub 15 SP4:freerdp-2.4.0-150400.3.18.1 SUSE Linux Enterprise Module for Package Hub 15 SP4:freerdp-devel-2.4.0-150400.3.18.1 SUSE Linux Enterprise Module for Package Hub 15 SP4:freerdp-proxy-2.4.0-150400.3.18.1 SUSE Linux Enterprise Module for Package Hub 15 SP4:libfreerdp2-2.4.0-150400.3.18.1 SUSE Linux Enterprise Module for Package Hub 15 SP4:libwinpr2-2.4.0-150400.3.18.1 SUSE Linux Enterprise Module for Package Hub 15 SP4:winpr2-devel-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:freerdp-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:freerdp-devel-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:freerdp-proxy-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:libfreerdp2-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:libwinpr2-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:winpr2-devel-2.4.0-150400.3.18.1 openSUSE Leap 15.4:freerdp-2.4.0-150400.3.18.1 openSUSE Leap 15.4:freerdp-devel-2.4.0-150400.3.18.1 openSUSE Leap 15.4:freerdp-proxy-2.4.0-150400.3.18.1 openSUSE Leap 15.4:freerdp-server-2.4.0-150400.3.18.1 openSUSE Leap 15.4:freerdp-wayland-2.4.0-150400.3.18.1 openSUSE Leap 15.4:libfreerdp2-2.4.0-150400.3.18.1 openSUSE Leap 15.4:libuwac0-0-2.4.0-150400.3.18.1 openSUSE Leap 15.4:libwinpr2-2.4.0-150400.3.18.1 openSUSE Leap 15.4:uwac0-0-devel-2.4.0-150400.3.18.1 openSUSE Leap 15.4:winpr2-devel-2.4.0-150400.3.18.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20230399-1/ https://www.suse.com/security/cve/CVE-2022-39320.html CVE-2022-39320 FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing path canonicalization and base path check for `drive` channel. A malicious server can trick a FreeRDP based client to read files outside the shared directory. This issue has been addressed in version 2.9.0 and all users are advised to upgrade. Users unable to upgrade should not use the `/drive`, `/drives` or `+home-drive` redirection switch. CVE-2022-39347 SUSE Linux Enterprise Module for Package Hub 15 SP4:freerdp-2.4.0-150400.3.18.1 SUSE Linux Enterprise Module for Package Hub 15 SP4:freerdp-devel-2.4.0-150400.3.18.1 SUSE Linux Enterprise Module for Package Hub 15 SP4:freerdp-proxy-2.4.0-150400.3.18.1 SUSE Linux Enterprise Module for Package Hub 15 SP4:libfreerdp2-2.4.0-150400.3.18.1 SUSE Linux Enterprise Module for Package Hub 15 SP4:libwinpr2-2.4.0-150400.3.18.1 SUSE Linux Enterprise Module for Package Hub 15 SP4:winpr2-devel-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:freerdp-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:freerdp-devel-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:freerdp-proxy-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:libfreerdp2-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:libwinpr2-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:winpr2-devel-2.4.0-150400.3.18.1 openSUSE Leap 15.4:freerdp-2.4.0-150400.3.18.1 openSUSE Leap 15.4:freerdp-devel-2.4.0-150400.3.18.1 openSUSE Leap 15.4:freerdp-proxy-2.4.0-150400.3.18.1 openSUSE Leap 15.4:freerdp-server-2.4.0-150400.3.18.1 openSUSE Leap 15.4:freerdp-wayland-2.4.0-150400.3.18.1 openSUSE Leap 15.4:libfreerdp2-2.4.0-150400.3.18.1 openSUSE Leap 15.4:libuwac0-0-2.4.0-150400.3.18.1 openSUSE Leap 15.4:libwinpr2-2.4.0-150400.3.18.1 openSUSE Leap 15.4:uwac0-0-devel-2.4.0-150400.3.18.1 openSUSE Leap 15.4:winpr2-devel-2.4.0-150400.3.18.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20230399-1/ https://www.suse.com/security/cve/CVE-2022-39347.html CVE-2022-39347 FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in `drive` channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. This issue has been addressed in version 2.9.0 and all users are advised to upgrade. Users unable to upgrade should not use the drive redirection channel - command line options `/drive`, `+drives` or `+home-drive`. CVE-2022-41877 SUSE Linux Enterprise Module for Package Hub 15 SP4:freerdp-2.4.0-150400.3.18.1 SUSE Linux Enterprise Module for Package Hub 15 SP4:freerdp-devel-2.4.0-150400.3.18.1 SUSE Linux Enterprise Module for Package Hub 15 SP4:freerdp-proxy-2.4.0-150400.3.18.1 SUSE Linux Enterprise Module for Package Hub 15 SP4:libfreerdp2-2.4.0-150400.3.18.1 SUSE Linux Enterprise Module for Package Hub 15 SP4:libwinpr2-2.4.0-150400.3.18.1 SUSE Linux Enterprise Module for Package Hub 15 SP4:winpr2-devel-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:freerdp-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:freerdp-devel-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:freerdp-proxy-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:libfreerdp2-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:libwinpr2-2.4.0-150400.3.18.1 SUSE Linux Enterprise Workstation Extension 15 SP4:winpr2-devel-2.4.0-150400.3.18.1 openSUSE Leap 15.4:freerdp-2.4.0-150400.3.18.1 openSUSE Leap 15.4:freerdp-devel-2.4.0-150400.3.18.1 openSUSE Leap 15.4:freerdp-proxy-2.4.0-150400.3.18.1 openSUSE Leap 15.4:freerdp-server-2.4.0-150400.3.18.1 openSUSE Leap 15.4:freerdp-wayland-2.4.0-150400.3.18.1 openSUSE Leap 15.4:libfreerdp2-2.4.0-150400.3.18.1 openSUSE Leap 15.4:libuwac0-0-2.4.0-150400.3.18.1 openSUSE Leap 15.4:libwinpr2-2.4.0-150400.3.18.1 openSUSE Leap 15.4:uwac0-0-devel-2.4.0-150400.3.18.1 openSUSE Leap 15.4:winpr2-devel-2.4.0-150400.3.18.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2023/suse-su-20230399-1/ https://www.suse.com/security/cve/CVE-2022-41877.html CVE-2022-41877