Search CVE reports
1 – 10 of 112 results
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, offscreen bitmap deletion leaves `gdi->drawing` pointing to freed memory, causing UAF when related update packets arrive. A malicious server...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| freerdp | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, `xf_Pointer_New` frees `cursorPixels` on failure, then `pointer_free` calls `xf_Pointer_Free` and frees it again, triggering ASan UAF. A...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| freerdp | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, FastGlyph parsing trusts `cbData`/remaining length and never validates against the minimum size implied by `cx/cy`. A malicious server can...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| freerdp | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the ClearCodec bands decode path when crafted band coordinates allow writes past the end of the...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| freerdp | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the RDPGFX ClearCodec decode path when maliciously crafted residual data causes out-of-bounds...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| freerdp | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the FreeRDP client’s `gdi_SurfaceToSurface` path due to a mismatch between...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| freerdp | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, in ClearCodec, when `glyphData` is present, `clear_decompress` calls `freerdp_image_copy_no_overlap` without validating the destination...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| freerdp | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0,`freerdp_bitmap_decompress_planar` does not validate `nSrcWidth`/`nSrcHeight` against `planar->maxWidth`/`maxHeight` before RLE decode. A...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| freerdp | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server‑supplied MSUSB_INTERFACE_DESCRIPTOR values and uses them as indices in...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| freerdp | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Not in release | — | — |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on...
3 affected packages
freerdp, freerdp2, freerdp3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| freerdp | Not in release | Not in release | — | Needs evaluation |
| freerdp2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| freerdp3 | Needs evaluation | Not in release | — | — |