Bug 919455 (CVE-2021-44425, CVE-2021-44426)

Summary:	net-misc/anydesk multiple vulnerabilities
Product:	Gentoo Security	Reporter:	nvaert1986 <nvaert1986>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED INVALID
Severity:	normal	CC:	jaco, proxy-maint
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	https://www.cvedetails.com/cve/CVE-2021-44426/
Whiteboard:
Package list:		Runtime testing required:	---

Description nvaert1986 2023-12-08 10:54:48 UTC

Older versions of AnyDesk contain security flaws. It's recommended to update this to the latest version, due to newer security flaws in more recent versions of the software.

See https://www.cvedetails.com/cve/CVE-2021-44426/ and https://www.cvedetails.com/cve/CVE-2021-44425/ and https://www.cvedetails.com/cve/CVE-2023-26509/ for more details.

Reproducible: Always

Steps to Reproduce:
Steps to Reproduce:
1.Run emerge -pv andesk and notice that the latest version in portage is 6.3.0.
Actual Results:  
An outdated version of net-misc/anydesk

Expected Results:  
A secure up-to-date version of net-misc/anydesk

Let me know if there's any additional information is necessary.

Comment 1 Jaco Kroon 2023-12-12 06:08:37 UTC

The former two are vulnerabilities in the *Anydesk Windows client*, so not relevant to Linux, the third is against version 7.0.8 which isn't available on Linux at all.

Marking as RESOLVED / INVALID.

Kind regards,
Jaco