发布于3月6日3月6日 Members SUSE: CVE-2023-40181: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:C) Published 08/31/2023 Created 12/01/2023 Added 11/30/2023 Modified 01/28/2025 Description FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the `zgfx_decompress_segment` function. In the context of `CopyMemory`, it's possible to read data beyond the transmitted packet range and likely cause a crash. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this issue. Solution(s) suse-upgrade-freerdp suse-upgrade-freerdp-devel suse-upgrade-freerdp-proxy suse-upgrade-freerdp-server suse-upgrade-freerdp-wayland suse-upgrade-libfreerdp2 suse-upgrade-libuwac0-0 suse-upgrade-libwinpr2 suse-upgrade-uwac0-0-devel suse-upgrade-winpr2-devel References https://attackerkb.com/topics/cve-2023-40181 CVE - 2023-40181
参与讨论
你可立刻发布并稍后注册。 如果你有帐户,立刻登录发布帖子。
注意:你的帖子需要版主批准后才能看到。