CRITICAL🇵🇱 Wersja polska

CVE-2024-32659

CVSS 9.8v3.1pub. 2024-04-23upd. 2025-11-03

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read if `((nWidth == 0) and (nHeight == 0))`. Version 3.5.1 contains a patch for the issue. No known workarounds are available.

🤖 AI Analysis
How it works

The error (CWE-125 — out-of-bounds read) occurs when the FreeRDP client application processes graphics data in which both nWidth and nHeight values are 0. The lack of proper validation of these parameters causes the code to attempt to read data outside the allocated memory area. This situation can be triggered by a malicious RDP server or appropriately crafted network traffic.

Impact

An attacker can gain unauthorized access to sensitive data stored in the client process memory (violation of confidentiality and integrity), as well as cause application crashes (violation of availability). In extreme cases, the error may enable further actions leading to system takeover.

Mitigation & patch

FreeRDP should be updated to version 3.5.1, which contains a patch eliminating the vulnerability. For Fedora systems, package updates published by the Fedora Project should be applied according to the references. The vendor has not indicated any known workarounds.

Who is affected

FreeRDP clients in versions before 3.5.1 and FreeRDP packages available in Fedora distributions (versions covered by Fedora Project security updates).

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Fedora Project Fedora

    OS
    Fedoraproject
    383940
  • Freerdp

    APP
    Freerdp
    < 2.11.73.0.0 – 3.5.1 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Memory
CWE
References

Related vulnerabilities

CVE-2024-4577CRITICAL9.8⚠ KEVPL ✓ten sam produkt

PHP CGI argument injection – RCE na Windows przez mechanizm Best-Fit

CVE-2024-5274CRITICAL9.6⚠ KEVPL ✓ten sam produkt

Type Confusion w V8 (Google Chrome) — RCE przez spreparowaną stronę HTML

CVE-2024-4947CRITICAL9.6⚠ KEVPL ✓ten sam produkt

Type Confusion w silniku V8 Chrome — zdalne wykonanie kodu (RCE)

CVE-2024-4671CRITICAL9.6⚠ KEVPL ✓ten sam produkt

Use-after-free w Google Chrome Visuals umożliwiający ucieczkę z sandbox

CVE-2023-6345CRITICAL9.6⚠ KEVPL ✓ten sam produkt

Integer overflow w Skia w Google Chrome — sandbox escape