Description
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, there is a heap-buffer-overflow READ vulnerability at 24 bytes before the allocation, in winpr_aligned_offset_recalloc(). This issue has been patched in version 3.24.2.
Published: 2026-03-30
Score: 7.1 High
EPSS: < 1% Very Low
KEV: No
Impact: Information Disclosure
Action: Immediate Patch
AI Analysis

Impact

The vulnerability arises from a heap-buffer-overflow READ in FreeRDP’s winpr_aligned_offset_recalloc() function, allowing a user to read 24 bytes before the allocated buffer. This out-of-bounds read can expose sensitive data stored adjacent to the buffer, potentially leading to confidential information leakage. The weakness is identified as a classic buffer read overflow and is most closely associated with CWE-125.

Affected Systems

FreeRDP software versions earlier than 3.24.2 are affected. The issue exists in the open-source FreeRDP implementation of the Remote Desktop Protocol; all deployments using these older versions are susceptible.

Risk and Exploitability

The CVSS score indicates moderate severity (7.1) but the EPSS score is below 1%, suggesting a low probability of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog, further indicating limited known exploitation. Attackers would most likely need to craft a malicious RDP connection or client that causes the vulnerable allocation pattern, implying a remote attack vector.

Generated by OpenCVE AI on April 2, 2026 at 04:02 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to FreeRDP version 3.24.2 or later
  • If an upgrade is unavailable, disable or isolate the Remote Desktop features that trigger the vulnerable allocation routine
  • Verify that no legacy code paths remain that use the old allocation logic
  • Monitor system logs for anomalous memory read errors that could indicate exploitation attempts

Generated by OpenCVE AI on April 2, 2026 at 04:02 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 01 Apr 2026 23:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:*

Wed, 01 Apr 2026 02:15:00 +0000

Type Values Removed Values Added
First Time appeared Freerdp
Freerdp freerdp
Vendors & Products Freerdp
Freerdp freerdp

Tue, 31 Mar 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 31 Mar 2026 03:00:00 +0000

Type Values Removed Values Added
Description FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, there is a heap-buffer-overflow READ vulnerability at 24 bytes before the allocation, in winpr_aligned_offset_recalloc(). This issue has been patched in version 3.24.2.
Title FreeRDP: Persistent Cache Allocator Mismatch - Heap OOB Read
Weaknesses CWE-125
References
Metrics cvssV3_1

{'score': 7.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H'}

Subscriptions

Freerdp Freerdp
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-31T14:07:35.702Z

Reserved: 2026-03-24T22:20:06.210Z

Link: CVE-2026-33982

cve-icon Vulnrichment

Updated: 2026-03-31T14:07:32.237Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-30T22:16:19.260

Modified: 2026-04-01T20:04:25.793

Link: CVE-2026-33982

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-02T07:53:54Z

Weaknesses