Bug 33129 - freerdp new security issues CVE-2024-32039, CVE-2024-3204[01], CVE-2024-3245[89] and CVE-2024-32460
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 9
Hardware: All
OS: Linux
Priority: Normal
Severity: normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA9-32-OK MGA9-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2024-04-22 16:53 CEST by Nicolas Salguero
Modified: 2024-05-01 00:26 CEST (History)

See Also:
Source RPM: freerdp-2.10.0-2.1.mga9.src.rpm
CVE: CVE-2024-32039, CVE-2024-32040, CVE-2024-32041, CVE-2024-32458, CVE-2024-32459, CVE-2024-32460
Status comment: Fixed upstream in 2.11.6



Description Nicolas Salguero 2024-04-22 16:53:39 CEST
Slackware has issued an advisory on April 19:
https://lwn.net/Articles/970778/

Those problems are fixed in version 2.11.6.
Nicolas Salguero 2024-04-22 16:54:48 CEST

Source RPM: (none) => freerdp-2.10.0-2.1.mga9.src.rpm
CVE: (none) => CVE-2024-32039, CVE-2024-32040, CVE-2024-32041, CVE-2024-32458, CVE-2024-32459, CVE-2024-32460
Status comment: (none) => Fixed upstream in 2.11.6

Comment 1 Lewis Smith 2024-04-22 21:26:20 CEST
Cauldron already has both 2.11.6 & 2.11.7, both put up by DavidG.
Who unfairly gets assigned this M9 update.

Assignee: bugsquad => geiger.david68210

Comment 2 David GEIGER 2024-04-23 16:09:56 CEST
Assigning to QA,

Packages in 9/Core/Updates_testing:
======================
freerdp-2.11.7-1.mga9
libfreerdp-devel-2.11.7-1.mga9.x86_64.rpm
libfreerdp2-2.11.7-1.mga9.x86_64.rpm
lib64freerdp-devel-2.11.7-1.mga9.x86_64.rpm
lib64freerdp2-2.11.7-1.mga9.x86_64.rpm

From SRPMS:
freerdp-2.11.7-1.mga9.src.rpm

Assignee: geiger.david68210 => qa-bugs

katnatek 2024-04-24 04:05:37 CEST

Keywords: (none) => advisory

Comment 3 Len Lawrence 2024-04-24 18:31:19 CEST
Mageia9, x64

Cannot get started with this one so have not bothered with the update.
With the current version I tried to run a session on a neighbouring PC. 
Installed xrdp on both machines and started the xrdp.service on both.  Port 8140 available on both as well.
Tried a simple example from the man pages and failed.
$ xfreerdp connection.rdp /u:lcl /p:<Password> /w:1920 /h:1080 v:192.168.1.64:8140

The response is the full man page.
Handing this on to somebody with more nous.

CC: (none) => tarazed25

Comment 4 katnatek 2024-04-26 20:29:54 CEST
Installs without issue on both my systems (x86_64 and i586), but I just can't make a connection from one system to the other; reference bug#32100 comment#6

Sorry
Comment 5 Dave Hodgins 2024-04-26 20:59:11 CEST
(In reply to katnatek from comment #4)
> Install without issue in my both systems (x86_64 and i586) but I just can't
> make a connection from one system to other, reference bug#32100 comment#6

According to "man freerdp-shadow-cli", tls can be disabled by specifying
-sec-tls as an option. That would be fine if you're working in a lan where
you are not worried about snooping. For use across an internet connection or
with untrusted systems on the same lan, tls should be configured and used,
though I haven't looked into how to do that.

CC: (none) => davidwhodgins

katnatek 2024-04-27 00:04:04 CEST

CC: (none) => andrewsfarm

Comment 6 katnatek 2024-04-27 00:05:26 CEST
Very fun, I can connect from x86_64 to i586 but not the reverse

BTW could be a "The chair" issue

Whiteboard: (none) => MGA9-32-OK

Comment 7 PC LX 2024-04-29 17:44:34 CEST
Installed and tested without issues.

Tested by connecting to a VM running Windows Server 2016 Datacenter.
All worked as expected. No regressions noticed.
Client System: Mageia 9, x86_64, Plasma DE, AMD Ryzen 5 5600G with Radeon Graphics using amdgpu driver.
Server System: Windows Server 2016 Datacenter, QEMU/KVM, AMD Ryzen 5 5600G with Radeon Graphics.
$ uname -a
Linux jupiter 6.6.28-desktop-1.mga9 #1 SMP PREEMPT_DYNAMIC Wed Apr 17 17:19:36 UTC 2024 x86_64 GNU/Linux
$ rpm -qa | grep freerdp | sort
freerdp-2.11.7-1.mga9
lib64freerdp2-2.11.7-1.mga9
$ xfreerdp /v:jupiter-vm-windows-server-2016-datacenter /u:JUPITER\\Administrator /h:1000 /w:1920 /sound:sys:alsa
[16:37:00:999] [32256:32257] [WARN][com.freerdp.crypto] - Certificate verification failure 'self-signed certificate (18)' at stack position 0
[16:37:00:999] [32256:32257] [WARN][com.freerdp.crypto] - CN = jupiter-vm-windows-server-2016-datacenter
Certificate details for jupiter-vm-windows-server-2016-datacenter:3389 (RDP-Server):
        Common Name: jupiter-vm-windows-server-2016-datacenter
        Subject:     CN = jupiter-vm-windows-server-2016-datacenter
        Issuer:      CN = jupiter-vm-windows-server-2016-datacenter
        Thumbprint:  <SNIP>
The above X.509 certificate could not be verified, possibly because you do not have
the CA certificate in your certificate store, or the certificate has expired.
Please look at the OpenSSL documentation on how to add a private CA to the store.
Do you trust the above certificate? (Y/T/N) Y
Password: 
[16:37:11:710] [32256:32257] [INFO][com.freerdp.gdi] - Local framebuffer format  PIXEL_FORMAT_BGRX32
[16:37:11:710] [32256:32257] [INFO][com.freerdp.gdi] - Remote framebuffer format PIXEL_FORMAT_BGRA32
[16:37:11:715] [32256:32257] [INFO][com.freerdp.channels.rdpsnd.client] - [static] Loaded alsa backend for rdpsnd
[16:37:11:715] [32256:32257] [INFO][com.freerdp.channels.drdynvc.client] - Loading Dynamic Virtual Channel rdpsnd
[16:37:11:715] [32256:32257] [INFO][com.freerdp.channels.drdynvc.client] - Loading Dynamic Virtual Channel rdpgfx
[16:37:11:960] [32256:32291] [INFO][com.freerdp.channels.rdpsnd.client] - [dynamic] Loaded alsa backend for rdpsnd
[16:37:12:369] [32256:32291] [INFO][com.freerdp.channels.rdpsnd.client] - [dynamic] Loaded alsa backend for rdpsnd
[16:37:13:180] [32256:32256] [ERROR][com.freerdp.core] - freerdp_abort_connect:freerdp_set_last_error_ex ERRCONNECT_CONNECT_CANCELLED [0x0002000B]

CC: (none) => mageia
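The prompt in the log above ("Do you trust the above certificate? (Y/T/N)") is xfreerdp's trust-on-first-use handling for a server certificate it cannot chain to a CA: answering Y pins the thumbprint, and a later connection to the same host with a different certificate should be refused rather than re-prompted blindly. The script below is an added illustration of that pinning logic, not FreeRDP's own code and not its known_hosts2 file format; the one-line-per-server store format, the host names and the placeholder "certificate" bytes are constructed for the example.

```python
"""Trust-on-first-use (TOFU) pinning for RDP server certificates.

Added example, not FreeRDP code. xfreerdp keeps its own pin store
(known_hosts2 under ~/.config/freerdp); the store format used here is a
simplified stand-in: one "host port fingerprint" line per pinned server.
"""
import hashlib
import hmac
from typing import Dict, Tuple

Key = Tuple[str, int]  # (lower-cased host name, TCP port)


def fingerprint(der_cert: bytes) -> str:
    """SHA-256 over the DER-encoded certificate, as colon-separated hex."""
    digest = hashlib.sha256(der_cert).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def parse_store(text: str) -> Dict[Key, str]:
    """Parse 'host port fingerprint' lines; blank lines and '#' comments are skipped."""
    store: Dict[Key, str] = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        if len(parts) != 3:
            raise ValueError(f"malformed pin on line {lineno}: {raw!r}")
        host, port, fp = parts
        store[(host.lower(), int(port))] = fp.lower()
    return store


def format_store(store: Dict[Key, str]) -> str:
    """Serialise the store back into the same 'host port fingerprint' lines."""
    lines = [f"{host} {port} {fp}" for (host, port), fp in sorted(store.items())]
    return "\n".join(lines) + ("\n" if lines else "")


def check_pin(store: Dict[Key, str], host: str, port: int, der_cert: bytes) -> str:
    """Return 'first-use', 'match' or 'mismatch'.

    Only a first-use pin updates the store; a mismatch never overwrites the
    existing pin, so the caller cannot silently "accept" a changed certificate.
    """
    fp = fingerprint(der_cert)
    key = (host.lower(), port)
    pinned = store.get(key)
    if pinned is None:
        store[key] = fp
        return "first-use"
    if hmac.compare_digest(pinned, fp):
        return "match"
    return "mismatch"


def should_connect(status: str, operator_accepted_new: bool) -> bool:
    """Connection policy: pinned match always, first use only with explicit
    operator consent (the Y/T/N prompt), mismatch never."""
    if status == "match":
        return True
    if status == "first-use":
        return operator_accepted_new
    return False


# Constructed stand-ins for DER certificates (any bytes hash the same way).
CERT_A = b"constructed placeholder DER certificate #1"
CERT_B = b"constructed placeholder DER certificate #2 (rotated or spoofed)"


def demo() -> Dict[str, str]:
    """Walk one host through first use, a repeat visit, and a changed certificate."""
    store = parse_store("# pinned RDP servers\n")
    host, port = "jupiter-vm-windows-server-2016-datacenter", 3389
    results = {
        "first": check_pin(store, host, port, CERT_A),
        "repeat": check_pin(store, host.upper(), port, CERT_A),  # host names are case-insensitive
        "changed": check_pin(store, host, port, CERT_B),
    }
    results["store"] = format_store(store)
    return results


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The important branch is the mismatch one: the store is left untouched and `should_connect` returns False regardless of what the operator types, so a changed certificate on a known host is a hard stop rather than another prompt. If a server's certificate is legitimately rotated, the stale pin has to be removed deliberately.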

Comment 8 Brian Rockwell 2024-04-30 15:21:38 CEST
MGA9-64, Xfce, Dell Chromebook installation

Installed updates 

freerdp-2.11.7-1.mga9
libfreerdp2-2.11.7-1.mga9.x86_64.rpm

Ran xfreerdp -f <ip>

worked as expected

CC: (none) => brtians1
Whiteboard: MGA9-32-OK => MGA9-32-OK MGA9-64-OK

Comment 9 Thomas Andrews 2024-04-30 21:49:44 CEST
Validating.

CC: (none) => sysadmin-bugs
Keywords: (none) => validated_update

Comment 10 Mageia Robot 2024-05-01 00:26:06 CEST
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2024-0157.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED

