FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 and have connections to servers using the `NSC` codec are vulnerable to integer underflow. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use the NSC codec (e.g. use `-nsc`).
Metrics
Affected Vendors & Products
References
History
Wed, 13 Nov 2024 02:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat
Redhat enterprise Linux |
|
CPEs | cpe:/a:redhat:enterprise_linux:9 | |
Vendors & Products |
Redhat
Redhat enterprise Linux |
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-04-22T20:36:45.439Z
Updated: 2024-08-02T02:06:42.838Z
Reserved: 2024-04-09T15:29:35.940Z
Link: CVE-2024-32040
Vulnrichment
Updated: 2024-08-02T02:06:42.838Z
NVD
Status : Awaiting Analysis
Published: 2024-04-22T21:15:49.290
Modified: 2024-11-21T09:14:22.423
Link: CVE-2024-32040
Redhat