diff --git a/debian/changelog b/debian/changelog
index e5133ea..c9e97c8 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -14,6 +14,7 @@ freerdp2 (2.3.0+dfsg1-2+deb10u4) UNRELEASED; urgency=medium
 - CVE-2022-39318 - Division by zero in urbdrc channel
 - CVE-2022-39319 - Missing length validation in urbdrc channel
 - CVE-2022-39347 - Missing path sanitation with `drive` channel
+ - CVE-2022-41877 - Missing input length validation in `drive` channel
 -- Tobias Frost Sat, 28 Oct 2023 18:12:57 +0200
diff --git a/debian/patches/0057-CVE-2022-41877.patch b/debian/patches/0057-CVE-2022-41877.patch
new file mode 100644
index 0000000..ac6c49d
--- /dev/null
+++ b/debian/patches/0057-CVE-2022-41877.patch
@@ -0,0 +1,38 @@
+Description: CVE-2022-41877
+Origin: https://github.com/FreeRDP/FreeRDP/commit/6655841cf2a00b764f855040aecb8803cfc5eaba
+Bug: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-pmv3-wpw4-pw5h
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024511
+From 6655841cf2a00b764f855040aecb8803cfc5eaba Mon Sep 17 00:00:00 2001
+From: akallabeth
+Date: Mon, 24 Oct 2022 08:45:05 +0200
+Subject: [PATCH] Fixed missing stream length check in
+ drive_file_query_directory
+
+(cherry picked from commit 4e4bb79795d6ac85473fb7a83e53ccf63d204b93)
+---
+ channels/drive/client/drive_main.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+--- a/channels/drive/client/drive_main.c
++++ b/channels/drive/client/drive_main.c
+@@ -46,6 +46,10 @@
+
+ #include "drive_file.h"
+
++#define Stream_CheckAndLogRequiredLength(tag, s, len) \
++ Stream_CheckAndLogRequiredLengthWLogEx(WLog_Get(tag), WLOG_WARN, s, len, "%s(%s:%" PRIuz ")", __FUNCTION__, \
++ __FILE__, __LINE__)
++
+ typedef struct _DRIVE_DEVICE DRIVE_DEVICE;
+
+ struct _DRIVE_DEVICE
+@@ -629,6 +633,9 @@
+ Stream_Read_UINT32(irp->input, PathLength);
+ Stream_Seek(irp->input, 23); /* Padding */
+ path = (WCHAR*)Stream_Pointer(irp->input);
++ if (!Stream_CheckAndLogRequiredLength(TAG, irp->input, PathLength))
++ return ERROR_INVALID_DATA;
++
+ file = drive_get_file_by_id(drive, irp->FileId);
+
+ if (file == NULL)
diff --git a/debian/patches/series b/debian/patches/series
index 4508feb..f0b6190 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -46,3 +46,4 @@
 0054-CVE-2022-39318.patch
 0055-CVE-2022-39319.patch
 0056-CVE-2022-39347.patch
+0057-CVE-2022-41877.patch
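Review bot: In the `Stream_CheckAndLogRequiredLength` macro that 0057-CVE-2022-41877.patch adds to drive_main.c (first inner hunk), `__LINE__` is an `int` but is formatted with `PRIuz`, WinPR's `size_t` specifier, so the variadic call gets a mismatched argument; cast it, `__FILE__, (size_t)__LINE__)`. The macro also depends on `Stream_CheckAndLogRequiredLengthWLogEx` being available in this 2.3.0 tree, which the page does not show, so it is worth confirming that an earlier patch in the series provides it. In the second inner hunk the new check bounds only the `PathLength` bytes of the path, while the `Stream_Read_UINT32` and `Stream_Seek(irp->input, 23)` above it belong to a function whose body starts and ends outside the hunk, so whether the fixed-size part of the request is length-checked cannot be told from here and should be verified. The patch header's `Description:` could also state that the local macro is a backport addition, since the embedded diffstat still reads `3 insertions(+)`.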