PT-2026-25337 · Freerdp+2

Yjk0805 · Published 2026-01-01 · Updated 2026-06-15 · CVE-2026-31884

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

FreeRDP versions prior to 3.24.0

Description

FreeRDP is a free implementation of the Remote Desktop Protocol. A division by zero error exists in the MS-ADPCM and IMA-ADPCM decoders when the nBlockAlign variable is 0, resulting in a crash. The issue occurs in libfreerdp/codec/dsp.c where the decoders use size % block size, with block size equal to context->common.format.nBlockAlign. The nBlockAlign value originates from the Server Audio Formats PDU on the RDPSND channel and is not validated before being used in the decoder. When nBlockAlign is 0, a SIGFPE (floating point exception) crash occurs.

Recommendations

Versions prior to 3.24.0 should be updated to version 3.24.0 or later.
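
The class of check the description says was missing, as an added example that is not FreeRDP's code or its actual fix: a peer-supplied block alignment is validated before it is used as a divisor. The struct, function names and sample values are hypothetical; only the nBlockAlign field name comes from the advisory.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical, reduced audio format record. The values are untrusted:
 * they are parsed from a format list sent by the remote peer. */
typedef struct {
    uint16_t wFormatTag;  /* 0x0002 = MS-ADPCM, 0x0011 = IMA-ADPCM */
    uint16_t nChannels;
    uint16_t nBlockAlign; /* block size in bytes, later used as a divisor */
} audio_format_t;

typedef struct {
    size_t whole_blocks;   /* complete ADPCM blocks in the buffer */
    size_t trailing_bytes; /* bytes left after the last whole block */
} block_layout_t;

/* Reject formats that a block-based decoder cannot process safely.
 * nBlockAlign == 0 would make `size % block_size` trap with SIGFPE. */
static bool adpcm_format_is_valid(const audio_format_t* fmt)
{
    return fmt != NULL && fmt->nBlockAlign != 0;
}

/* Split an input buffer of `size` bytes into blocks. Returns 0 on success,
 * -1 if the format must be refused; the divisor is never zero past the check. */
static int adpcm_block_layout(const audio_format_t* fmt, size_t size,
                              block_layout_t* out)
{
    if (out == NULL || !adpcm_format_is_valid(fmt))
        return -1;

    const size_t block_size = fmt->nBlockAlign;
    out->whole_blocks = size / block_size;
    out->trailing_bytes = size % block_size;
    return 0;
}

int main(void)
{
    /* Constructed sample formats: one malformed, one plausible. */
    const audio_format_t bad = { 0x0011, 1, 0 };
    const audio_format_t good = { 0x0011, 1, 256 };
    block_layout_t layout = { 0, 0 };

    printf("nBlockAlign=0   -> %d\n", adpcm_block_layout(&bad, 1000, &layout));
    printf("nBlockAlign=256 -> %d\n", adpcm_block_layout(&good, 1000, &layout));
    return 0;
}
```

Running the same validation once, when the format list is parsed, keeps a zero nBlockAlign from ever reaching the decoder.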

Exploit

Fix

DoS

Divide By Zero

Weakness Enumeration

Related identifiers

ALSA-2026:16014
ALSA-2026:16019
ALSA-2026:16482
BDU:2026-04143
CVE-2026-31884
GHSA-JP7M-94WW-P56R
OESA-2026-2439
OESA-2026-2440
OESA-2026-2441
OESA-2026-2442
OPENSUSE-SU-2026:10408-1
OPENSUSE-SU-2026:20657-1
SUSE-SU-2026:1632-1
SUSE-SU-2026:1633-1
SUSE-SU-2026:1634-1
SUSE-SU-2026:1635-1
SUSE-SU-2026:1640-1
SUSE-SU-2026:21436-1

Affected products

Freerdp
Red Os
Rocky Linux