CLSA-2024-1721206783
See a problem?- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2024-1721206783.json
- JSON Data
- https://api.osv.dev/v1/vulns/CLSA-2024-1721206783
- Upstream
- Published
- 2024-07-17T08:59:46Z
- Modified
- 2026-06-01T00:33:17.545301260Z
- Summary
- freerdp: Fix of 12 CVEs
- Details
-
- CVE-2023-39352: add bound check in gdi_SolidFill
- CVE-2023-39353: check indices are within range
- CVE-2023-39356: fix checks for multi opaque rect
- CVE-2023-40181: fix cBitsRemaining calculation
- CVE-2023-40186: fix integer multiplications
- CVE-2023-40188: fix input length validation
- CVE-2023-40567: fix missing bounds checks
- CVE-2023-40569: fix missing destination checks
- CVE-2024-22211: check resolution for overflow
- CVE-2023-39351: free content of currentMessage on fail
- CVE-2023-39350: fix possible out of bound read
- CVE-2023-40589: properly verify all offsets while decoding data
- References
Affected packages
TuxCare:CentOS:7 / freerdp
Package
- Name
- freerdp
- Purl
- pkg:rpm/tuxcare/freerdp?distro=centos-7
TuxCare:CentOS:7 / freerdp-devel
Package
- Name
- freerdp-devel
- Purl
- pkg:rpm/tuxcare/freerdp-devel?distro=centos-7
TuxCare:CentOS:7 / freerdp-libs
Package
- Name
- freerdp-libs
- Purl
- pkg:rpm/tuxcare/freerdp-libs?distro=centos-7
TuxCare:CentOS:7 / libwinpr
Package
- Name
- libwinpr
- Purl
- pkg:rpm/tuxcare/libwinpr?distro=centos-7