freerdp3: fix CVE-2026-24679

Details: https://nvd.nist.gov/vuln/detail/CVE-2026-24679

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Ankur Tyagi
2026-04-09 19:09:06 +12:00
committed by Anuj Mittal
parent 09cd8e482a
commit 27ba3fb054
2 changed files with 45 additions and 0 deletions
@@ -0,0 +1,44 @@
From d128bdb4131634a7f877500da9fee4fee99bf019 Mon Sep 17 00:00:00 2001
From: akallabeth <akallabeth@posteo.net>
Date: Mon, 26 Jan 2026 10:59:39 +0100
Subject: [PATCH] [channels,urbdrc] ensure InterfaceNumber is within range
(cherry picked from commit 2d563a50be17c1b407ca448b1321378c0726dd31)
CVE: CVE-2026-24679
Upstream-Status: Backport [https://github.com/FreeRDP/FreeRDP/commit/2d563a50be17c1b407ca448b1321378c0726dd31]
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
---
channels/urbdrc/client/libusb/libusb_udevice.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/channels/urbdrc/client/libusb/libusb_udevice.c b/channels/urbdrc/client/libusb/libusb_udevice.c
index c226eb806..ea12e55e0 100644
--- a/channels/urbdrc/client/libusb/libusb_udevice.c
+++ b/channels/urbdrc/client/libusb/libusb_udevice.c
@@ -532,19 +532,19 @@ static int libusb_udev_select_interface(IUDEVICE* idev, BYTE InterfaceNumber, BY
int error = 0;
int diff = 0;
UDEVICE* pdev = (UDEVICE*)idev;
- URBDRC_PLUGIN* urbdrc = NULL;
- MSUSB_CONFIG_DESCRIPTOR* MsConfig = NULL;
- MSUSB_INTERFACE_DESCRIPTOR** MsInterfaces = NULL;
if (!pdev || !pdev->urbdrc)
return -1;
- urbdrc = pdev->urbdrc;
- MsConfig = pdev->MsConfig;
+ URBDRC_PLUGIN* urbdrc = pdev->urbdrc;
+ MSUSB_CONFIG_DESCRIPTOR* MsConfig = pdev->MsConfig;
if (MsConfig)
{
- MsInterfaces = MsConfig->MsInterfaces;
+ if (InterfaceNumber >= MsConfig->NumInterfaces)
+ return -2;
+
+ MSUSB_INTERFACE_DESCRIPTOR** MsInterfaces = MsConfig->MsInterfaces;
if (MsInterfaces)
{
WLog_Print(urbdrc->log, WLOG_INFO,
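Review bot: The added range check in libusb_udev_select_interface returns -2 silently, although `urbdrc->log` is already assigned just above it and used a few lines below. InterfaceNumber is presumably supplied by the remote peer over the URBDRC channel, so a rejected value is worth a log entry for anyone investigating a misbehaving or hostile server: `if (InterfaceNumber >= MsConfig->NumInterfaces) { WLog_Print(urbdrc->log, WLOG_WARN, "InterfaceNumber %u out of range", (unsigned)InterfaceNumber); return -2; }`. The function body starts and ends outside the hunk, so whether callers treat the new -2 differently from the existing -1 cannot be checked from here. Because this file is a verbatim backport of the upstream commit, the change is better proposed upstream than edited into this patch.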
@@ -26,6 +26,7 @@ SRC_URI = "git://github.com/FreeRDP/FreeRDP.git;branch=master;protocol=https \
file://CVE-2026-24491.patch \
file://CVE-2026-24675.patch \
file://CVE-2026-24676.patch \
file://CVE-2026-24679.patch \
"
S = "${WORKDIR}/git"