Ubuntu update for freerdp2
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2024-32458 CVE-2024-32459 CVE-2024-32659 CVE-2024-32660 |
| CWE-ID | CWE-125 CWE-119 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #2 is available. |
| Vulnerable software |
Ubuntu Operating systems & Components / Operating system libfreerdp2-2t64 (Ubuntu package) Operating systems & Components / Operating system package or component libfreerdp-server2-2t64 (Ubuntu package) Operating systems & Components / Operating system package or component libfreerdp-client2-2t64 (Ubuntu package) Operating systems & Components / Operating system package or component |
| Vendor | Canonical Ltd. |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Out-of-bounds read
EUVDB-ID: #VU88848
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-32458
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in planar_skip_plane_rle. A remote attacker can trigger an out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected package freerdp2 to the latest version.
Vulnerable software versionsUbuntu: 24.04
libfreerdp2-2t64 (Ubuntu package): before Ubuntu Pro
libfreerdp-server2-2t64 (Ubuntu package): before Ubuntu Pro
libfreerdp-client2-2t64 (Ubuntu package): before Ubuntu Pro
CPE2.3- cpe:2.3:o:canonical:ubuntu:24.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:libfreerdp2-2t64_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:libfreerdp-server2-2t64_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:libfreerdp-client2-2t64_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-7371-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Out-of-bounds read
EUVDB-ID: #VU88849
Risk: Medium
CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2024-32459
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in ncrush_decompress. A remote attacker can trigger an out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected package freerdp2 to the latest version.
Vulnerable software versionsUbuntu: 24.04
libfreerdp2-2t64 (Ubuntu package): before Ubuntu Pro
libfreerdp-server2-2t64 (Ubuntu package): before Ubuntu Pro
libfreerdp-client2-2t64 (Ubuntu package): before Ubuntu Pro
CPE2.3- cpe:2.3:o:canonical:libfreerdp2-2t64_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:libfreerdp-server2-2t64_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:libfreerdp-client2-2t64_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-7371-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
3) Out-of-bounds read
EUVDB-ID: #VU88943
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-32659
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in freerdp_image_copy. A remote attacker can trigger an out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected package freerdp2 to the latest version.
Vulnerable software versionsUbuntu: 24.04
libfreerdp2-2t64 (Ubuntu package): before Ubuntu Pro
libfreerdp-server2-2t64 (Ubuntu package): before Ubuntu Pro
libfreerdp-client2-2t64 (Ubuntu package): before Ubuntu Pro
CPE2.3- cpe:2.3:o:canonical:libfreerdp2-2t64_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:libfreerdp-server2-2t64_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:libfreerdp-client2-2t64_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-7371-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Buffer overflow
EUVDB-ID: #VU88945
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-32660
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error. A remote attacker can trigger memory corruption and cause a denial of service condition on the target system.
MitigationUpdate the affected package freerdp2 to the latest version.
Vulnerable software versionsUbuntu: 24.04
libfreerdp2-2t64 (Ubuntu package): before Ubuntu Pro
libfreerdp-server2-2t64 (Ubuntu package): before Ubuntu Pro
libfreerdp-client2-2t64 (Ubuntu package): before Ubuntu Pro
CPE2.3- cpe:2.3:o:canonical:libfreerdp2-2t64_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:libfreerdp-server2-2t64_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:libfreerdp-client2-2t64_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-7371-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
