Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:SUSE-SU-2024:2631-1
HistoryJul 30, 2024 - 7:12 a.m.

Security update for freerdp

2024-07-3007:12:56
Google
osv.dev
2
freerdp
security update
cve-2024-22211
heap-buffer overflow
cve-2024-32658
out-of-bounds read
cve-2024-32659
client crash
cve-2024-32660
null pointer dereference

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.3

Confidence

High

JSON

This update for freerdp fixes the following issues:

  • CVE-2024-22211: Fixed integer overflow in freerdp_bitmap_planar_context_reset that could lead to heap-buffer overflow (bsc#1219049)
  • CVE-2024-32658: Fixed out-of-bounds read in Interleaved RLE Bitmap Codec in FreeRDP based clients (bsc#1223353)
  • CVE-2024-32659: Fixed out-of-bounds read if ((nWidth == 0) and (nHeight == 0)) (bsc#1223346)
  • CVE-2024-32660: Fixed client crash via invalid huge allocation size (bsc#1223347)
  • CVE-2024-32661: Fixed client NULL pointer dereference (bsc#1223348)

Related

nessus 20
ubuntu 3
openvas 14
osv 18
fedora 6
debiancve 5
cvelist 5
amazon 2
prion 1
vulnrichment 4
ubuntucve 5
nvd 5
veracode 5
cgr 5
cve 5
wolfi 5
redhatcve 5
alpinelinux 3
nessus
nessus
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : freerdp (SUSE-SU-2024:2631-1)
2024-07-31 00:00:00
SUSE SLED12 / SLES12 Security Update : freerdp (SUSE-SU-2024:1835-1)
2024-05-30 00:00:00
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : FreeRDP vulnerabilities (USN-6752-1)
2024-04-25 00:00:00
ubuntu
ubuntu
FreeRDP vulnerabilities
2024-04-25 00:00:00
FreeRDP vulnerabilities
2024-04-29 00:00:00
FreeRDP vulnerabilities
2024-04-24 00:00:00
openvas
openvas
openSUSE: Security Advisory for freerdp (SUSE-SU-2024:1856-1)
2024-08-20 00:00:00
Ubuntu: Security Advisory (USN-6752-1)
2024-04-26 00:00:00
Ubuntu: Security Advisory (USN-6759-1)
2024-04-30 00:00:00
osv
osv
freerdp2 vulnerabilities
2024-04-25 14:39:56
freerdp2-devel-2.11.5-3.1 on GA media
2024-06-15 00:00:00
freerdp3 vulnerabilities
2024-04-29 16:44:07
fedora
fedora
[SECURITY] Fedora 40 Update: freerdp-3.5.1-1.fc40
2024-05-09 01:41:51
[SECURITY] Fedora 40 Update: freerdp2-2.11.7-1.fc40
2024-05-09 01:41:53
[SECURITY] Fedora 38 Update: freerdp-2.11.7-1.fc38
2024-05-09 01:49:12
debiancve
debiancve
CVE-2024-32658
2024-04-23 18:15:15
CVE-2024-32661
2024-04-23 20:15:07
CVE-2024-32660
2024-04-23 20:15:07
cvelist
cvelist
CVE-2024-32658 FreeRDP ExtractRunLengthRegular* out of bound read
2024-04-23 17:41:21
CVE-2024-22211 FreeRDP integer Overflow leading to Heap Overflow
2024-01-19 19:54:32
CVE-2024-32661 FreeRDP rdp_write_logon_info_v1 NULL access
2024-04-23 20:05:50
amazon
amazon
Medium: freerdp
2024-05-09 19:16:00
Medium: freerdp
2024-06-06 20:17:00
prion
prion
Integer overflow
2024-01-19 20:15:00
vulnrichment
vulnrichment
CVE-2024-32661 FreeRDP rdp_write_logon_info_v1 NULL access
2024-04-23 20:05:50
CVE-2024-32660 FreeRDP zgfx_decompress out of memory vulnerability
2024-04-23 20:03:28
CVE-2024-32659 freerdp_image_copy out of bound read
2024-04-23 19:40:24
ubuntucve
ubuntucve
CVE-2024-32661
2024-04-23 00:00:00
CVE-2024-32660
2024-04-23 00:00:00
CVE-2024-32659
2024-04-23 00:00:00
nvd
nvd
CVE-2024-32660
2024-04-23 20:15:07
CVE-2024-22211
2024-01-19 20:15:13
CVE-2024-32659
2024-04-23 20:15:07
veracode
veracode
NULL Pointer Dereference
2024-04-25 07:21:04
Denial Of Service (DoS)
2024-04-25 07:00:39
Out-of-bounds Read
2024-04-24 06:40:30
cgr
cgr
CVE-2024-32661 vulnerabilities
2024-05-19 03:07:16
CVE-2024-22211 vulnerabilities
2024-05-19 03:07:16
CVE-2024-32659 vulnerabilities
2024-05-19 03:07:16
cve
cve
CVE-2024-32660
2024-04-23 20:15:07
CVE-2024-32661
2024-04-23 20:15:07
CVE-2024-32659
2024-04-23 20:15:07
wolfi
wolfi
CVE-2024-32660 vulnerabilities
2024-09-27 09:13:12
CVE-2024-32659 vulnerabilities
2024-09-27 09:13:12
CVE-2024-32658 vulnerabilities
2024-09-27 09:13:12
redhatcve
redhatcve
CVE-2024-32658
2024-04-24 20:05:03
CVE-2024-32660
2024-04-24 20:05:18
CVE-2024-32659
2024-04-24 20:05:09
alpinelinux
alpinelinux
CVE-2024-32658
2024-04-23 18:15:15
CVE-2024-22211
2024-01-19 20:15:13
CVE-2024-32661
2024-04-23 20:15:07

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.3

Confidence

High

JSON
Related for OSV:SUSE-SU-2024:2631-1
nessus20ubuntu3openvas14osv18fedora6debiancve5cvelist5amazon2prion1vulnrichment4ubuntucve5nvd5veracode5cgr5cve5wolfi5redhatcve5alpinelinux3