CVE-2024-32458
22.04.2024, 21:15
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use `/gfx` or `/rfx` modes (on by default, require server side support).Enginsight
| Vendor | Product | Version |
|---|---|---|
| freerdp | freerdp | 𝑥 < 2.11.6 |
| freerdp | freerdp | 3.0.0 ≤ 𝑥 < 3.5.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| freerdp |
| ||||||||||||||||||
| freerdp2 |
| ||||||||||||||||||
| freerdp3 |
|
Common Weakness Enumeration
References