CVE-2023-39355

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.0.0-beta3

Description The issue is related to a Use-After-Free in processing RDPGFX CMDID RESETGRAPHICS packets. If context->maxPlaneSize is 0, context->planesBuffer will be freed, but without updating context->planesBuffer, this leads to a Use-After-Free exploit vector. In most environments, this should only result in a crash.

Recommendations For FreeRDP versions prior to 3.0.0-beta3, upgrade to version 3.0.0-beta3 or later to address the issue. As a temporary workaround, consider restricting access to the RDPGFX CMDID RESETGRAPHICS packet processing functionality until a patch is available. However, since this issue has been addressed in version 3.0.0-beta3, the best course of action is to upgrade to this version or later.