Details: https://nvd.nist.gov/vuln/detail/CVE-2024-32658
Backport the patch that was marked to resolve this issue by the relevant Github advisory[1]. [1]: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vpv3-m3m9-4c2v Signed-off-by: Gyorgy Sarvari <[email protected]> --- .../freerdp/freerdp/CVE-2024-32658.patch | 36 +++++++++++++++++++ .../recipes-support/freerdp/freerdp_2.6.1.bb | 1 + 2 files changed, 37 insertions(+) create mode 100644 meta-oe/recipes-support/freerdp/freerdp/CVE-2024-32658.patch diff --git a/meta-oe/recipes-support/freerdp/freerdp/CVE-2024-32658.patch b/meta-oe/recipes-support/freerdp/freerdp/CVE-2024-32658.patch new file mode 100644 index 0000000000..7467991f62 --- /dev/null +++ b/meta-oe/recipes-support/freerdp/freerdp/CVE-2024-32658.patch @@ -0,0 +1,36 @@ +From 9b8628f014d14d85baeb0258d5558946603abc45 Mon Sep 17 00:00:00 2001 +From: akallabeth <[email protected]> +Date: Sat, 20 Apr 2024 17:59:49 +0200 +Subject: [PATCH] fix offset error + +(cherry picked from commit 1a755d898ddc028cc818d0dd9d49d5acff4c44bf) + +CVE: CVE-2024-32658 +Upstream-Status: Backport [https://github.com/FreeRDP/FreeRDP/commit/2b9f30a2fa4b13559a367f7cbe158e1bafe0f482] +Signed-off-by: Gyorgy Sarvari <[email protected]> +--- + libfreerdp/codec/interleaved.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/libfreerdp/codec/interleaved.c b/libfreerdp/codec/interleaved.c +index 58ddfbbfe..0c9e78fe0 100644 +--- a/libfreerdp/codec/interleaved.c ++++ b/libfreerdp/codec/interleaved.c +@@ -214,7 +214,7 @@ static UINT ExtractRunLengthRegularFgBg(const BYTE* pbOrderHdr, const BYTE* pbEn + runLength = (*pbOrderHdr) & g_MaskRegularRunLength; + if (runLength == 0) + { +- if (!buffer_within_range(pbOrderHdr, 1, pbEnd)) ++ if (!buffer_within_range(pbOrderHdr, 2, pbEnd)) + { + *advance = 0; + return 0; +@@ -284,7 +284,7 @@ static UINT ExtractRunLengthMegaMega(const BYTE* pbOrderHdr, const BYTE* pbEnd, + assert((pbEnd) && "Assert failed: pbEnd"); + assert((advance) && "Assert failed: advance"); + +- if (!buffer_within_range(pbOrderHdr, 2, pbEnd)) ++ if (!buffer_within_range(pbOrderHdr, 3, pbEnd)) + { + *advance = 0; + return 0; diff --git a/meta-oe/recipes-support/freerdp/freerdp_2.6.1.bb b/meta-oe/recipes-support/freerdp/freerdp_2.6.1.bb index 85d24428d4..1ad67b0a3c 100644 --- a/meta-oe/recipes-support/freerdp/freerdp_2.6.1.bb +++ b/meta-oe/recipes-support/freerdp/freerdp_2.6.1.bb @@ -37,6 +37,7 @@ SRC_URI = "git://github.com/FreeRDP/FreeRDP.git;branch=stable-2.0;protocol=https file://CVE-2024-32458.patch \ file://CVE-2024-32459.patch \ file://CVE-2024-32460.patch \ + file://CVE-2024-32658.patch \ " S = "${WORKDIR}/git"
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#123768): https://lists.openembedded.org/g/openembedded-devel/message/123768 Mute This Topic: https://lists.openembedded.org/mt/117414252/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
