2 files changed, 28 insertions, 0 deletions
diff --git a/meta-oe/recipes-support/freerdp/freerdp/CVE-2024-32661.patch b/meta-oe/recipes-support/freerdp/freerdp/CVE-2024-32661.patch
new file mode 100644
index 0000000000..002135b5e4
--- /dev/null
+++ b/meta-oe/recipes-support/freerdp/freerdp/CVE-2024-32661.patch
@@ -0,0 +1,27 @@
+From 71e463e31b4d69f4022d36bfc814592f56600793 Mon Sep 17 00:00:00 2001
+From: akallabeth <akallabeth@posteo.net>
+Date: Sun, 21 Apr 2024 13:56:13 +0200
+Subject: [PATCH] [core,info] fix missing check in rdp_write_logon_info_v1
+CVE: CVE-2024-32661
+Upstream-Status: Backport [https://github.com/FreeRDP/FreeRDP/commit/71e463e31b4d69f4022d36bfc814592f56600793]
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+---
+ libfreerdp/core/info.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+diff --git a/libfreerdp/core/info.c b/libfreerdp/core/info.c
+index 7d6eec137..3395e4d2e 100644
+--- a/libfreerdp/core/info.c
+++ b/libfreerdp/core/info.c
+@@ -1322,6 +1322,10 @@ static BOOL rdp_write_logon_info_v1(wStream* s, logon_info* info)
+                return FALSE;
+ 
+        /* domain */
+       WINPR_ASSERT(info);
+       if (!info->domain || !info->username)
+               return FALSE;
+
+        ilen = ConvertToUnicode(CP_UTF8, 0, info->domain, -1, &wString, 0);
+ 
+        if (ilen < 0)
diff --git a/meta-oe/recipes-support/freerdp/freerdp_2.11.7.bb b/meta-oe/recipes-support/freerdp/freerdp_2.11.7.bb
index ee4d4530d6..870c3ffe2f 100644
--- a/meta-oe/recipes-support/freerdp/freerdp_2.11.7.bb
+++ b/meta-oe/recipes-support/freerdp/freerdp_2.11.7.bb
@@ -20,6 +20,7 @@ SRC_URI = "git://github.com/FreeRDP/FreeRDP.git;branch=stable-2.0;protocol=https
           file://0001-Fix-const-qualifier-error.patch \
           file://0002-Do-not-install-tools-a-CMake-targets.patch \
           file://0001-Fixed-compilation-warnings-in-ainput-channel.patch \
+           file://CVE-2024-32661.patch \
           "
 S = "${WORKDIR}/git"

diff --git a/meta-oe/recipes-support/freerdp/freerdp/CVE-2024-32661.patch b/meta-oe/recipes-support/freerdp/freerdp/CVE-2024-32661.patch new file mode 100644 index 0000000000..002135b5e4 --- /dev/null +++ b/meta-oe/recipes-support/freerdp/freerdp/CVE-2024-32661.patch
@@ -0,0 +1,27 @@
		1	From 71e463e31b4d69f4022d36bfc814592f56600793 Mon Sep 17 00:00:00 2001
		2	From: akallabeth <akallabeth@posteo.net>
		3	Date: Sun, 21 Apr 2024 13:56:13 +0200
		4	Subject: [PATCH] [core,info] fix missing check in rdp_write_logon_info_v1
		5
		6	CVE: CVE-2024-32661
		7	Upstream-Status: Backport [https://github.com/FreeRDP/FreeRDP/commit/71e463e31b4d69f4022d36bfc814592f56600793]
		8	Signed-off-by: Peter Marko <peter.marko@siemens.com>
		9	---
		10	libfreerdp/core/info.c \| 4 ++++
		11	1 file changed, 4 insertions(+)
		12
		13	diff --git a/libfreerdp/core/info.c b/libfreerdp/core/info.c
		14	index 7d6eec137..3395e4d2e 100644
		15	--- a/libfreerdp/core/info.c
		16	+++ b/libfreerdp/core/info.c
		17	@@ -1322,6 +1322,10 @@ static BOOL rdp_write_logon_info_v1(wStream* s, logon_info* info)
		18	return FALSE;
		19
		20	/* domain */
		21	+ WINPR_ASSERT(info);
		22	+ if (!info->domain \|\| !info->username)
		23	+ return FALSE;
		24	+
		25	ilen = ConvertToUnicode(CP_UTF8, 0, info->domain, -1, &wString, 0);
		26
		27	if (ilen < 0)


diff --git a/meta-oe/recipes-support/freerdp/freerdp_2.11.7.bb b/meta-oe/recipes-support/freerdp/freerdp_2.11.7.bb index ee4d4530d6..870c3ffe2f 100644 --- a/meta-oe/recipes-support/freerdp/freerdp_2.11.7.bb +++ b/meta-oe/recipes-support/freerdp/freerdp_2.11.7.bb
@@ -20,6 +20,7 @@ SRC_URI = "git://github.com/FreeRDP/FreeRDP.git;branch=stable-2.0;protocol=https
20	file://0001-Fix-const-qualifier-error.patch \	20	file://0001-Fix-const-qualifier-error.patch \
21	file://0002-Do-not-install-tools-a-CMake-targets.patch \	21	file://0002-Do-not-install-tools-a-CMake-targets.patch \
22	file://0001-Fixed-compilation-warnings-in-ainput-channel.patch \	22	file://0001-Fixed-compilation-warnings-in-ainput-channel.patch \
		23	file://CVE-2024-32661.patch \
23	"	24	"
24		25
25	S = "${WORKDIR}/git"	26	S = "${WORKDIR}/git"