PT-2026-25333 · Freerdp+2

Ehdgks0627 · Published 2026-01-01 · Updated 2026-06-15 · CVE-2026-29775

CVSS v3.1: 8.2 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
Name of the Vulnerable Software and Affected Versions
FreeRDP versions prior to 3.24.0

Description
FreeRDP is a free implementation of the Remote Desktop Protocol. A client-side heap out-of-bounds read/write issue exists in FreeRDP's bitmap cache subsystem. This is due to an incorrect boundary check in the bitmap cache put function when handling a CACHE BITMAP ORDER (Rev1) message with a cacheId equal to maxCells. This allows a malicious server to bypass security checks and access memory outside the allocated array.

Recommendations
Update to version 3.24.0 or later.

Exploit

Fix

DoS

Memory Corruption

Heap Based Buffer Overflow


Weakness Enumeration

Related identifiers

ALSA-2026:16014
ALSA-2026:16019
ALSA-2026:16482
BDU:2026-04139
CVE-2026-29775
GHSA-H666-RFW3-JHVJ
OESA-2026-2439
OESA-2026-2440
OESA-2026-2441
OESA-2026-2442
OPENSUSE-SU-2026:10408-1
OPENSUSE-SU-2026:20657-1
SUSE-SU-2026:1632-1
SUSE-SU-2026:1633-1
SUSE-SU-2026:1634-1
SUSE-SU-2026:1635-1
SUSE-SU-2026:1640-1
SUSE-SU-2026:21436-1

Affected products

Freerdp
Red Os
Rocky Linux