Your message dated Mon, 26 May 2025 13:04:28 +0000 with message-id <E1uJXVE-008zmG-VX@fasolo.debian.org> and subject line Bug#1105917: fixed in freerdp3 3.15.0+dfsg-2.1 has caused the Debian Bug report #1105917, regarding freerdp3: CVE-2025-4478 to be marked as done.

This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.)

--
1105917: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105917
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: gnome-remote-desktop: CVE-2025-4478
- From: Salvatore Bonaccorso <carnil@debian.org>
- Date: Sat, 17 May 2025 11:46:05 +0200
- Message-id: <174747516564.39483.16661739280160806375.reportbug@eldamar.lan>
Source: gnome-remote-desktop
Version: 48.1-2
Severity: important
Tags: security upstream
X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>

Hi,

The following vulnerability was published for gnome-remote-desktop.

CVE-2025-4478[0]:
| A flaw was found in the gnome-remote-desktop used by Anaconda's
| remote install feature, where a crafted RDP packet could trigger a
| segmentation fault. This issue causes the service to crash and
| remain defunct, resulting in a denial of service. It occurs pre-boot
| and is likely due to a NULL pointer dereference. Rebooting is
| required to recover the system.

I'm not entirely sure about this one, the reference is given to the RH Bugzilla to [1] and it might relate to the issues reported in [2]. Do you happen to know more about this assignment?

If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2025-4478
    https://www.cve.org/CVERecord?id=CVE-2025-4478
[1] https://bugzilla.redhat.com/show_bug.cgi?id=2365232
[2] https://gitlab.gnome.org/GNOME/gnome-remote-desktop/-/issues/196

Regards,
Salvatore
--- End Message ---
--- Begin Message ---
- To: 1105917-close@bugs.debian.org
- Subject: Bug#1105917: fixed in freerdp3 3.15.0+dfsg-2.1
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Mon, 26 May 2025 13:04:28 +0000
- Message-id: <E1uJXVE-008zmG-VX@fasolo.debian.org>
- Reply-to: Daniel Baumann <daniel@debian.org>
Source: freerdp3
Source-Version: 3.15.0+dfsg-2.1
Done: Daniel Baumann <daniel@debian.org>

We believe that the bug you reported is fixed in the latest version of freerdp3, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is attached.

Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1105917@bugs.debian.org, and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Daniel Baumann <daniel@debian.org> (supplier of updated freerdp3 package)

(This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmaster@ftp-master.debian.org)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 26 May 2025 14:38:19 +0200
Source: freerdp3
Architecture: source
Version: 3.15.0+dfsg-2.1
Distribution: unstable
Urgency: medium
Maintainer: Debian Remote Maintainers <debian-remote@lists.debian.org>
Changed-By: Daniel Baumann <daniel@debian.org>
Closes: 1105917
Changes:
 freerdp3 (3.15.0+dfsg-2.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Cherry-picking patch from upstream:
     - A flaw was found where a crafted RDP packet could trigger a
       segmentation fault. This causes FreeRDP to crash and remain defunct,
       resulting in a denial of service. Initializing function pointers in
       transport.c after resource allocation fixes this [CVE-2025-4478]
       (Closes: #1105917).
--- End Message ---