FreeRDP based clients on unix systems using `/parallel` command line switch might read uninitialized data and send it to the server the client is currently connected to. Reference: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-c45q-wcpg-mxjq
Created freerdp tracking bugs for this issue: Affects: fedora-all [bug 2134714] Created freerdp1.2 tracking bugs for this issue: Affects: epel-7 [bug 2134715]
Reference: https://github.com/FreeRDP/FreeRDP/releases/tag/2.8.1
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:2326 https://access.redhat.com/errata/RHSA-2023:2326
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:2851 https://access.redhat.com/errata/RHSA-2023:2851
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-39282