PT-2024-3183 · Freerdp+9 · Freerdp+9

Lowakallabeth

Published

2024-04-23

Updated

2026-03-10

CVE-2024-32658

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.5.1

Description The issue is related to an out-of-bounds read in the FreeRDP client, which is a free implementation of the Remote Desktop Protocol. This could allow a remote attacker to impact the confidentiality, integrity, and availability of protected information. No information is provided about the estimated number of potentially affected devices or real-world incidents.

Recommendations For versions prior to 3.5.1, update to version 3.5.1, which contains a patch for the issue. As a temporary workaround, consider restricting the use of the FreeRDP client until the patch is applied. No other workarounds are available.

Exploit

Fix

DoS

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALT-PU-2025-4980

BDU:2024-03401

CVE-2024-32658

DLA-4053-1

GHSA-VPV3-M3M9-4C2V

INFSA-2024_9092

OESA-2024-1515

OPENSUSE-SU-2024:13994-1

OPENSUSE-SU-2024_1856-1

OPENSUSE-SU-2024_2631-1

OPENSUSE-SU-2026:10123-1

OPENSUSE-SU-2026:20339-1

RHSA-2024:9092

RHSA-2024_9092

RLSA-2024:9092

SUSE-SU-2024:1835-1

SUSE-SU-2024:1856-1

SUSE-SU-2024:2631-1

SUSE-SU-2024_1835-1

SUSE-SU-2024_1856-1

USN-6752-1

USN-6759-1

USN-7341-1

Affected Products

Alt Linux

Astra Linux

Debian

Freerdp

Linuxmint

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

PT-2024-3183 · Freerdp+9 · Freerdp+9

CVE-2024-32658

Weakness Enumeration

Related Identifiers

Affected Products

References · 156