Description
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, there is a heap-buffer-overflow READ vulnerability at 24 bytes before the allocation, in winpr_aligned_offset_recalloc(). This issue has been patched in version 3.24.2.
Published: 2026-03-30
Score: 7.1 High
EPSS: < 1% Very Low
KEV: No
Impact: Information Disclosure via Heap OOB Read
Action: Patch Now
AI Analysis

Impact

FreeRDP, an open‑source implementation of the Remote Desktop Protocol, has a heap‑based out‑of‑bounds read that occurs 24 bytes before a memory allocation in the winpr_aligned_offset_recalloc function. The vulnerability is a buffer error that can expose data residing adjacent in heap memory, effectively leaking sensitive information. This weakness is classified as CWE‑125, which describes a heap‑based buffer over‑read where data is read beyond the intended bounds.

Affected Systems

The flaw affects the FreeRDP project, specifically all releases prior to version 3.24.2. It is tied to the winpr library component used for memory management. Any system running a vulnerable instance of the FreeRDP client or server should be considered at risk until an updated version is deployed. No additional vendor or product variants are listed beyond the core FreeRDP codebase.

Risk and Exploitability

The CVSS base score of 7.1 indicates a high severity issue, but EPSS data is not available and the vulnerability is not listed in the CISA KEV catalog, suggesting no widely known exploitation at present. The description does not specify how the read can be triggered, so we cannot confirm the attack vector. However, given that FreeRDP is used to handle incoming RDP connections, the most likely path for exploitation would involve a specially crafted RDP packet, a conclusion inferred from the context rather than explicit statement. Until further evidence emerges, treating the vulnerability as a high‑risk threat is prudent.

Generated by OpenCVE AI on March 31, 2026 at 06:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade FreeRDP to version 3.24.2 or later to eliminate the heap over‑read.
  • If an upgrade cannot be performed immediately, limit RDP access to trusted networks or apply network segmentation to reduce exposure.
  • Verify that no legacy FreeRDP binaries are in use and perform an audit of all deployed RDP endpoints.

Generated by OpenCVE AI on March 31, 2026 at 06:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 01 Apr 2026 02:15:00 +0000

Type Values Removed Values Added
First Time appeared Freerdp
Freerdp freerdp
Vendors & Products Freerdp
Freerdp freerdp

Tue, 31 Mar 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 31 Mar 2026 03:00:00 +0000

Type Values Removed Values Added
Description FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, there is a heap-buffer-overflow READ vulnerability at 24 bytes before the allocation, in winpr_aligned_offset_recalloc(). This issue has been patched in version 3.24.2.
Title FreeRDP: Persistent Cache Allocator Mismatch - Heap OOB Read
Weaknesses CWE-125
References
Metrics cvssV3_1

{'score': 7.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H'}

Subscriptions

Freerdp Freerdp
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-31T14:07:35.702Z

Reserved: 2026-03-24T22:20:06.210Z

Link: CVE-2026-33982

cve-icon Vulnrichment

Updated: 2026-03-31T14:07:32.237Z

cve-icon NVD

Status : Received

Published: 2026-03-30T22:16:19.260

Modified: 2026-03-30T22:16:19.260

Link: CVE-2026-33982

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-31T20:39:57Z

Weaknesses