PT-2026-25338 · Freerdp+2 · Freerdp+2

Yjk0805

Publicado

2026-01-01

Atualizado

2026-06-15

CVE-2026-31885

CVSS v3.1

9.4

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.24.0

Description FreeRDP is a free implementation of the Remote Desktop Protocol. Versions before 3.24.0 contain an out-of-bounds read in the MS-ADPCM and IMA-ADPCM decoders. This issue is caused by unchecked predictor and step index values received from input data.

Recommendations Update to version 3.24.0 or later.

Exploit

Correção

DoS

Out of bounds Read

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-125

Identificadores relacionados

ALSA-2026:16014

ALSA-2026:16019

ALSA-2026:16482

BDU:2026-04144

CVE-2026-31885

GHSA-H23R-3988-3WF3

MGASA-2026-0086

OESA-2026-2036

OESA-2026-2037

OESA-2026-2038

OESA-2026-2039

OESA-2026-2040

OPENSUSE-SU-2026:10408-1

OPENSUSE-SU-2026:10459-1

OPENSUSE-SU-2026:20632-1

OPENSUSE-SU-2026:20657-1

SUSE-SU-2026:1129-1

SUSE-SU-2026:1160-1

SUSE-SU-2026:1164-1

SUSE-SU-2026:1165-1

SUSE-SU-2026:1398-1

SUSE-SU-2026:21436-1

Produtos afetados

Freerdp

Red Os

Rocky Linux

PT-2026-25338 · Freerdp+2 · Freerdp+2

CVE-2026-31885

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 121