PT-2026-25337 · Freerdp+1

Yjk0805 · Published 2026-01-01 · Updated 2026-05-22 · CVE-2026-31884

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

FreeRDP versions prior to 3.24.0

Description

FreeRDP is a free implementation of the Remote Desktop Protocol. A division by zero error exists in the MS-ADPCM and IMA-ADPCM decoders when the nBlockAlign variable is 0, resulting in a crash. The issue occurs in libfreerdp/codec/dsp.c where the decoders use size % block size, with block size equal to context->common.format.nBlockAlign. The nBlockAlign value originates from the Server Audio Formats PDU on the RDPSND channel and is not validated before being used in the decoder. When nBlockAlign is 0, a SIGFPE (floating point exception) crash occurs.

Recommendations

Versions prior to 3.24.0 should be updated to version 3.24.0 or later.
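
A minimal sketch of the missing check described above, added here as an illustration and not taken from FreeRDP's code or its 3.24.0 fix: the unchecked modulo next to two validation points, one at format parsing and one at the decoder entry. The struct, the function names and the EX_ constants are assumptions made for this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical, simplified format entry as parsed from a Server Audio
 * Formats PDU; an assumption for this example, not FreeRDP's structure. */
typedef struct {
    uint16_t wFormatTag;
    uint16_t nBlockAlign; /* peer-controlled value */
} example_audio_format;

#define EX_WAVE_FORMAT_ADPCM     0x0002 /* MS-ADPCM */
#define EX_WAVE_FORMAT_DVI_ADPCM 0x0011 /* IMA-ADPCM */

/* Unchecked pattern from the description, for contrast only: the modulo
 * divides by zero when nBlockAlign is 0. Never call it with such input. */
size_t trailing_bytes_unchecked(const example_audio_format* f, size_t size)
{
    const size_t block_size = f->nBlockAlign;
    return size % block_size;
}

/* Check 1: refuse an ADPCM format with a zero block alignment when the
 * format list is parsed. Other codecs are outside this example. */
bool example_format_is_usable(const example_audio_format* f)
{
    if (!f)
        return false;
    if (f->wFormatTag == EX_WAVE_FORMAT_ADPCM || f->wFormatTag == EX_WAVE_FORMAT_DVI_ADPCM)
        return f->nBlockAlign != 0;
    return true;
}

/* Check 2: the decoder entry point re-validates before the modulo, so a
 * format that skipped check 1 still cannot reach the division. */
bool example_trailing_bytes(const example_audio_format* f, size_t size, size_t* out)
{
    if (!f || !out || f->nBlockAlign == 0)
        return false;
    *out = size % f->nBlockAlign;
    return true;
}

int main(void)
{
    const example_audio_format bad = { EX_WAVE_FORMAT_ADPCM, 0 }; /* constructed */
    size_t rem = 0;
    return (example_format_is_usable(&bad) || example_trailing_bytes(&bad, 2500, &rem)) ? 1 : 0;
}
```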

Exploit

Fix

Weakness Enumeration

Divide By Zero

Related Identifiers

ALSA-2026:16014
ALSA-2026:16019
ALSA-2026:16482
BDU:2026-04143
CVE-2026-31884
GHSA-JP7M-94WW-P56R
OESA-2026-2439
OESA-2026-2440
OESA-2026-2441
OESA-2026-2442
OPENSUSE-SU-2026:10408-1
OPENSUSE-SU-2026:20657-1
SUSE-SU-2026:1632-1
SUSE-SU-2026:1633-1
SUSE-SU-2026:1634-1
SUSE-SU-2026:1635-1
SUSE-SU-2026:1640-1
SUSE-SU-2026:21436-1

Affected Products

Freerdp
Rocky Linux