Details: https://nvd.nist.gov/vuln/detail/CVE-2026-22854
Backport the patch that is referenced by the relevant Github advisory[1]. [1]: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-47vj-g3c3-3rmf Signed-off-by: Gyorgy Sarvari <[email protected]> --- .../freerdp/freerdp/CVE-2026-22854.patch | 29 +++++++++++++++++++ .../recipes-support/freerdp/freerdp_2.11.7.bb | 1 + 2 files changed, 30 insertions(+) create mode 100644 meta-oe/recipes-support/freerdp/freerdp/CVE-2026-22854.patch diff --git a/meta-oe/recipes-support/freerdp/freerdp/CVE-2026-22854.patch b/meta-oe/recipes-support/freerdp/freerdp/CVE-2026-22854.patch new file mode 100644 index 0000000000..791e10ab25 --- /dev/null +++ b/meta-oe/recipes-support/freerdp/freerdp/CVE-2026-22854.patch @@ -0,0 +1,29 @@ +From 94d3791abcdbc1e72827921906d5f9c14a2b0a78 Mon Sep 17 00:00:00 2001 +From: Gyorgy Sarvari <[email protected]> +Date: Mon, 12 Jan 2026 03:44:06 +0100 +Subject: [PATCH] fix constant type + +From: akallabeth <[email protected]> + +ensure constant is of 64bit integer type + +CVE: CVE-2026-22854 +Upstream-Status: Backport [https://github.com/FreeRDP/FreeRDP/commit/3da319570c8a6be0a79b3306f1ed354c4a943259] +Signed-off-by: Gyorgy Sarvari <[email protected]> +--- + channels/drive/client/drive_main.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/channels/drive/client/drive_main.c b/channels/drive/client/drive_main.c +index b6cf2ad32..5df7fbe97 100644 +--- a/channels/drive/client/drive_main.c ++++ b/channels/drive/client/drive_main.c +@@ -295,7 +295,7 @@ static UINT drive_process_irp_read(DRIVE_DEVICE* drive, IRP* irp) + Length = 0; + } + +- if (!Stream_EnsureRemainingCapacity(irp->output, Length + 4)) ++ if (!Stream_EnsureRemainingCapacity(irp->output, 4ull + Length)) + { + WLog_ERR(TAG, "Stream_EnsureRemainingCapacity failed!"); + return ERROR_INTERNAL_ERROR; diff --git a/meta-oe/recipes-support/freerdp/freerdp_2.11.7.bb b/meta-oe/recipes-support/freerdp/freerdp_2.11.7.bb index 225f49a94b..0bdf56938b 100644 --- a/meta-oe/recipes-support/freerdp/freerdp_2.11.7.bb +++ b/meta-oe/recipes-support/freerdp/freerdp_2.11.7.bb @@ -24,6 +24,7 @@ SRC_URI = "git://github.com/FreeRDP/FreeRDP.git;branch=stable-2.0;protocol=https file://0002-Do-not-install-tools-a-CMake-targets.patch \ file://0001-Fixed-compilation-warnings-in-ainput-channel.patch \ file://CVE-2024-32661.patch \ + file://CVE-2026-22854.patch \ "
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#124315): https://lists.openembedded.org/g/openembedded-devel/message/124315 Mute This Topic: https://lists.openembedded.org/mt/117733921/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
