FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 and have connections to servers using the `NSC` codec are vulnerable to integer underflow. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use the NSC codec (e.g. use `-nsc`).
History

Wed, 13 Nov 2024 02:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat
Redhat enterprise Linux
CPEs cpe:/a:redhat:enterprise_linux:9
Vendors & Products Redhat
Redhat enterprise Linux

cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-04-22T20:36:45.439Z

Updated: 2024-08-02T02:06:42.838Z

Reserved: 2024-04-09T15:29:35.940Z

Link: CVE-2024-32040

cve-icon Vulnrichment

Updated: 2024-08-02T02:06:42.838Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-04-22T21:15:49.290

Modified: 2024-11-21T09:14:22.423

Link: CVE-2024-32040

cve-icon Redhat

Severity : Low

Publid Date: 2024-04-22T00:00:00Z

Links: CVE-2024-32040 - Bugzilla