CVE-2024-22211

EUVD-2024-19787
FreeRDP is a free and open source Remote Desktop Protocol (RDP) library and set of clients. In affected versions an integer overflow in `freerdp_bitmap_planar_context_reset` leads to a heap-buffer overflow. This affects FreeRDP based clients; FreeRDP based server implementations and the proxy are not affected. A malicious server can send an `RDPGFX_RESET_GRAPHICS_PDU` whose graphics dimensions make the client allocate buffers that are too small, possibly triggering a later out-of-bounds read or write. Data extraction over the network is not possible, since the buffers are only used to display an image. This issue has been addressed in versions 2.11.5 and 3.2.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
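The bug class behind this advisory is a 32-bit width * height product that wraps before it is used as an allocation size, so the context records dimensions the buffer cannot actually hold. The following C example is added here to illustrate that pattern and its fix; it is not FreeRDP's code, and the struct, field and function names (planar_ctx_t, plane_size_checked, planar_reset_unchecked, planar_frame_fits) are hypothetical. The malicious dimensions are constructed for the demonstration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Illustrative, simplified planar-codec context. The struct and function
 * names are hypothetical and not FreeRDP's own; only the bug pattern
 * (32-bit width*height wrapping before the allocation) is taken from the
 * advisory above. */
typedef struct {
    uint32_t maxWidth;
    uint32_t maxHeight;
    uint32_t maxPlaneSize; /* bytes per colour plane */
    uint8_t* planesBuffer; /* backing store for 4 planes */
} planar_ctx_t;

/* Vulnerable arithmetic: uint32_t * uint32_t is reduced modulo 2^32, so a
 * server-chosen width*height >= 2^32 yields a small, wrong plane size. */
uint32_t plane_size_unchecked(uint32_t width, uint32_t height)
{
    return width * height;
}

/* Hardened arithmetic: widen to 64 bits before multiplying and refuse any
 * result that does not fit the 32-bit size field or the 4-plane allocation. */
bool plane_size_checked(uint32_t width, uint32_t height, uint32_t* out)
{
    if (width == 0 || height == 0)
        return false;
    uint64_t plane = (uint64_t)width * (uint64_t)height;
    if (plane > UINT32_MAX)
        return false;
    if (plane * 4u > (uint64_t)SIZE_MAX) /* only reachable on 32-bit hosts */
        return false;
    *out = (uint32_t)plane;
    return true;
}

/* Reset in the vulnerable shape: records the wrapped size and allocates
 * from it, so maxWidth/maxHeight describe a frame the buffer cannot hold. */
bool planar_reset_unchecked(planar_ctx_t* ctx, uint32_t width, uint32_t height)
{
    ctx->maxWidth = width;
    ctx->maxHeight = height;
    ctx->maxPlaneSize = plane_size_unchecked(width, height);
    free(ctx->planesBuffer);
    ctx->planesBuffer = calloc(ctx->maxPlaneSize, 4);
    return ctx->planesBuffer != NULL;
}

/* Hardened reset: validate first, allocate second, and only then replace
 * the old state, so a rejected PDU leaves the context untouched. */
bool planar_reset_checked(planar_ctx_t* ctx, uint32_t width, uint32_t height)
{
    uint32_t plane;
    if (!plane_size_checked(width, height, &plane))
        return false;
    uint8_t* buf = calloc(plane, 4);
    if (buf == NULL)
        return false;
    free(ctx->planesBuffer);
    ctx->planesBuffer = buf;
    ctx->maxWidth = width;
    ctx->maxHeight = height;
    ctx->maxPlaneSize = plane;
    return true;
}

/* Consumer-side guard a decoder should apply before writing a frame into
 * the context: comparing width/height with maxWidth/maxHeight is not
 * enough, the frame's byte count must fit the plane size actually allocated. */
bool planar_frame_fits(const planar_ctx_t* ctx, uint32_t width, uint32_t height)
{
    uint64_t need = (uint64_t)width * (uint64_t)height;
    return ctx->planesBuffer != NULL && width <= ctx->maxWidth &&
           height <= ctx->maxHeight && need <= ctx->maxPlaneSize;
}

int main(void)
{
    /* Constructed malicious dimensions: 0x10000 * 0x10001 = 0x100010000,
     * which wraps to 0x10000 (64 KiB) in 32-bit arithmetic. */
    planar_ctx_t ctx = {0};
    const uint32_t w = 0x10000u, h = 0x10001u;

    planar_reset_unchecked(&ctx, w, h);
    printf("unchecked: maxPlaneSize=%u, frame fits=%d\n",
           (unsigned)ctx.maxPlaneSize, planar_frame_fits(&ctx, w, h));

    bool accepted = planar_reset_checked(&ctx, w, h);
    printf("checked reset accepts malicious PDU: %d\n", accepted);
    accepted = planar_reset_checked(&ctx, 1920u, 1080u);
    printf("checked reset accepts 1920x1080: %d (maxPlaneSize=%u)\n",
           accepted, (unsigned)ctx.maxPlaneSize);
    free(ctx.planesBuffer);
    return 0;
}
```

The unchecked reset succeeds for the 0x10000 x 0x10001 frame and records a 64 KiB plane, which is why a later decoder that only compares against maxWidth/maxHeight would write far past the allocation; the checked reset rejects the PDU outright and, because it allocates before it frees, never leaves the context in a half-reset state.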
CVSS 3.x Base Score
Provider  Type     Base Score  Atk. Vector  Atk. Complexity  Priv. Required  Vector
NIST      Primary  3.7 LOW     NETWORK      HIGH             LOW             CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:L
The vector also records UI:R: the victim's FreeRDP client has to connect to the malicious server for the PDU to reach the vulnerable code.

EPSS Score
Percentile: 75%
Affected Products (NVD)
Vendor   Product  Version
freerdp  freerdp  x < 2.11.5
freerdp  freerdp  3.0.0 <= x < 3.2.0
x = vulnerable software versions
Debian Releases
Product   Codename             Version                 Status
freerdp2  bookworm                                     no-dsa
freerdp2  bullseye                                     vulnerable
freerdp2  bullseye (security)  2.3.0+dfsg1-2+deb11u3   fixed
freerdp2  buster                                       postponed
Ubuntu Releases
Product   Codename  Version                              Status
freerdp   bionic                                         needs-triage
freerdp   focal                                          dne
freerdp   jammy                                          dne
freerdp   lunar                                          dne
freerdp   mantic                                         dne
freerdp   noble                                          dne
freerdp   oracular                                       dne
freerdp   plucky                                         dne
freerdp   questing                                       dne
freerdp   trusty                                         dne
freerdp   xenial                                         needs-triage
freerdp2  bionic                                         needs-triage
freerdp2  focal     Fixed 2.6.1+dfsg1-0ubuntu0.20.04.1   released
freerdp2  jammy     Fixed 2.6.1+dfsg1-3ubuntu2.6         released
freerdp2  lunar                                          ignored
freerdp2  mantic    Fixed 2.10.0+dfsg1-1.1ubuntu1.2      released
freerdp2  noble                                          not-affected
freerdp2  oracular                                       not-affected
freerdp2  plucky                                         not-affected
freerdp2  questing                                       dne
freerdp2  trusty                                         dne
freerdp2  xenial                                         dne
freerdp3  focal                                          dne
freerdp3  jammy                                          dne
freerdp3  mantic                                         dne
freerdp3  noble                                          not-affected
freerdp3  oracular                                       not-affected
freerdp3  plucky                                         not-affected
freerdp3  questing                                       not-affected
openSUSE / SLES Releases
All entries are status "fixed". For each package the same fixed version applies to SUSE Linux Enterprise Desktop, SAP, Server and Workstation of the given service pack; "-" means the package is not listed for that service pack.
Package         15 SP5 (fixed version)   15 SP6 (fixed version)
freerdp         2.4.0-150400.3.26.1      2.11.2-150600.4.3.1
freerdp-devel   2.4.0-150400.3.26.1      2.11.2-150600.4.3.1
freerdp-proxy   2.4.0-150400.3.26.1      2.11.2-150600.4.3.1
freerdp-server  -                        2.11.2-150600.4.3.1
libfreerdp2     2.4.0-150400.3.26.1      -
libfreerdp2-2   -                        2.11.2-150600.4.3.1
libwinpr2       2.4.0-150400.3.26.1      -
libwinpr2-2     -                        2.11.2-150600.4.3.1
winpr-devel     -                        2.11.2-150600.4.3.1
winpr2-devel    2.4.0-150400.3.26.1      -
Red Hat Enterprise Linux Releases
Product         Release  Version          Status
freerdp         RHEL 9   2:2.11.7-1.el9   fixed
freerdp-devel   RHEL 9   2:2.11.7-1.el9   fixed
freerdp-libs    RHEL 9   2:2.11.7-1.el9   fixed
libwinpr        RHEL 9   2:2.11.7-1.el9   fixed
libwinpr-devel  RHEL 9   2:2.11.7-1.el9   fixed