SUSE-SU-2023:0387-1
- Source
- https://www.suse.com/support/update/announcement/2023/suse-su-20230387-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:0387-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2023:0387-1
- Related
- Published
- 2023-02-13T07:20:16Z
- Modified
- 2023-02-13T07:20:16Z
- Summary
- Security update for xrdp
- Details
-
This update for xrdp fixes the following issues:
- CVE-2022-23468: Fixed a buffer overflow in xrdploginwnd_create() (bsc#1206300).
- CVE-2022-23479: Fixed a buffer overflow in xrdpmmchandatain() (bsc#1206303).
- CVE-2022-23480: Fixed a buffer overflow in devredirprocclientdevlistannounce_req() (bsc#1206306).
- CVE-2022-23481: Fixed an out of bound read in xrdpcapsprocessconfirmactive() (bsc#1206307).
- CVE-2022-23482: Fixed an out of bound read in xrdpsecprocessmcsdataCSCORE() (bsc#1206310).
- CVE-2022-23483: Fixed an out of bound read in libxrdpsendto_channel() (bsc#1206311).
- CVE-2022-23484: Fixed a integer overflow in xrdpmmprocessrailupdatewindowtext() (bsc#1206312).
- References
-
- https://www.suse.com/support/update/announcement/2023/suse-su-20230387-1/
- https://bugzilla.suse.com/1206300
- https://bugzilla.suse.com/1206303
- https://bugzilla.suse.com/1206306
- https://bugzilla.suse.com/1206307
- https://bugzilla.suse.com/1206310
- https://bugzilla.suse.com/1206311
- https://bugzilla.suse.com/1206312
- https://www.suse.com/security/cve/CVE-2022-23468
- https://www.suse.com/security/cve/CVE-2022-23479
- https://www.suse.com/security/cve/CVE-2022-23480
- https://www.suse.com/security/cve/CVE-2022-23481
- https://www.suse.com/security/cve/CVE-2022-23482
- https://www.suse.com/security/cve/CVE-2022-23483
- https://www.suse.com/security/cve/CVE-2022-23484