CVE-2024-32041
22.04.2024, 21:15
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, deactivate `/gfx` (on by default, set `/bpp` or `/rfx` options instead.Enginsight
| Vendor | Product | Version |
|---|---|---|
| freerdp | freerdp | 𝑥 < 2.11.6 |
| freerdp | freerdp | 3.5.0 ≤ 𝑥 ≤ 3.5.0 |
| freerdp | freerdp | 𝑥 < 2.11.6 |
| freerdp | freerdp | 3.0.0 ≤ 𝑥 < 3.5.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| freerdp |
| ||||||||||||||||
| freerdp2 |
| ||||||||||||||||
| freerdp3 |
|
Common Weakness Enumeration
References