PT-2024-3181 · Freerdp+8 · Freerdp+8

Akallabeth

Published

2024-04-23

Updated

2026-03-10

CVE-2024-32661

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions: FreeRDP versions prior to 3.5.1

Description: The issue is related to a null pointer dereference. Exploitation of this issue may allow a remote attacker to cause a denial of service. FreeRDP is a free implementation of the Remote Desktop Protocol. The issue is associated with a possible NULL access and crash.

Recommendations: For versions prior to 3.5.1, update to version 3.5.1, which contains a patch for the issue. As a temporary workaround, consider restricting the use of the RDP client until a patch is applied. No other workarounds are available.

Exploit

Fix

DoS

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

BDU:2024-03394

CVE-2024-32661

DLA-4053-1

GHSA-P5M5-342G-PV9M

INFSA-2024_9092

MGASA-2025-0108

OESA-2024-1542

OESA-2024-1623

OPENSUSE-SU-2024:13994-1

OPENSUSE-SU-2024_1856-1

OPENSUSE-SU-2024_2631-1

OPENSUSE-SU-2026:10123-1

OPENSUSE-SU-2026:20339-1

RHSA-2024:9092

RHSA-2024_9092

RLSA-2024:9092

SUSE-SU-2024:1835-1

SUSE-SU-2024:1856-1

SUSE-SU-2024:2631-1

USN-6752-1

USN-6759-1

USN-7341-1

Affected Products

Astra Linux

Debian

Freerdp

Linuxmint

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

PT-2024-3181 · Freerdp+8 · Freerdp+8

CVE-2024-32661

Weakness Enumeration

Related Identifiers

Affected Products

References · 153