{"id":"MGASA-2022-0447","summary":"Updated freerdp packages fix security vulnerability","details":"In affected versions there is an out of bound read in ZGFX decoder\ncomponent of FreeRDP. A malicious server can trick a FreeRDP based client\nto read out of bound data and try to decode it likely resulting in a\ncrash. (CVE-2022-39316)\n\nAffected versions of FreeRDP are missing a range check for input offset\nindex in ZGFX decoder. A malicious server can trick a FreeRDP based client\nto read out of bound data and try to decode it. (CVE-2022-39317)\n\nAffected versions of FreeRDP are missing input validation in 'urbdrc'\nchannel. A malicious server can trick a FreeRDP based client to crash with\ndivision by zero. (CVE-2022-39318)\n\nAffected versions of FreeRDP are missing input length validation in the\n'urbdrc' channel. A malicious server can trick a FreeRDP based client to\nread out of bound data and send it back to the server. (CVE-2022-39319)\n\nAffected versions of FreeRDP may attempt integer addition on too narrow\ntypes leads to allocation of a buffer too small holding the data written.\nA malicious server can trick a FreeRDP based client to read out of bound\ndata and send it back to the server. (CVE-2022-39320)\n\nAffected versions of FreeRDP are missing path canonicalization and base\npath check for `drive` channel. A malicious server can trick a FreeRDP\nbased client to read files outside the shared directory. (CVE-2022-39347)\n","modified":"2026-04-16T00:09:48.964053754Z","published":"2022-12-06T23:32:48Z","upstream":["CVE-2022-39316","CVE-2022-39317","CVE-2022-39318","CVE-2022-39319","CVE-2022-39320","CVE-2022-39347"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2022-0447.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=31173"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5734-1"},{"type":"ADVISORY","url":"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-5w4j-mrrh-jjrm"},{"type":"ADVISORY","url":"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-99cm-4gw7-c8jh"},{"type":"ADVISORY","url":"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-387j-8j96-7q35"},{"type":"ADVISORY","url":"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mvxm-wfj2-5fvh"},{"type":"ADVISORY","url":"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qfq2-82qr-7f4j"},{"type":"ADVISORY","url":"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-c5xq-8v35-pffg"}],"affected":[{"package":{"name":"freerdp","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/freerdp?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.2.0-1.4.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0447.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}