Description
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, progressive_decompress_tile_upgrade() detects a mismatch via progressive_rfx_quant_cmp_equal() but only emits WLog_WARN, execution continues. The wrapped value (247) is used as a shift exponent, causing undefined behavior and an approximately 80 billion iteration loop (CPU DoS). This issue has been patched in version 3.24.2.
Published: 2026-03-30
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: CPU Denial of Service
Action: Patch
AI Analysis

Impact

FreeRDP’s progressive decompression engine contains a bug where a mismatched quantization value is used as a shift exponent. The small wrapped value (247) underflows to zero, triggering undefined behavior that creates a loop of roughly 80 billion iterations. The excess CPU usage can exhaust system resources and render the host or a session unresponsive. No escalation to arbitrary code execution or data exposure is documented; the impact is purely an availability compromise.

Affected Systems

All FreeRDP installations whose version is earlier than 3.24.2 are affected. The issue was remedied in the 3.24.2 release. If a deployment still uses an older release, it remains vulnerable.

Risk and Exploitability

The official CVSS score of 6.5 indicates moderate severity, and no EPSS data is available. The vulnerability is not listed in the CISA KEV catalog. It can be exploited by an attacker who sends a specially crafted RDP data stream that triggers the vulnerable decompression path, so the attack vector is remote, network‑based via the target’s Remote Desktop service.

Generated by OpenCVE AI on March 31, 2026 at 06:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade FreeRDP to version 3.24.2 or later.

Generated by OpenCVE AI on March 31, 2026 at 06:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 01 Apr 2026 02:15:00 +0000

Type Values Removed Values Added
First Time appeared Freerdp
Freerdp freerdp
Vendors & Products Freerdp
Freerdp freerdp
References
Metrics threat_severity

None

 threat_severity

Important

Tue, 31 Mar 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 31 Mar 2026 03:00:00 +0000

Type Values Removed Values Added
Description FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, progressive_decompress_tile_upgrade() detects a mismatch via progressive_rfx_quant_cmp_equal() but only emits WLog_WARN, execution continues. The wrapped value (247) is used as a shift exponent, causing undefined behavior and an approximately 80 billion iteration loop (CPU DoS). This issue has been patched in version 3.24.2.
Title FreeRDP: Progressive Codec Quant BYTE Underflow - UB + CPU DoS
Weaknesses CWE-190
CWE-252
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H'}

Subscriptions

Freerdp Freerdp
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-31T15:32:05.510Z

Reserved: 2026-03-24T22:20:06.210Z

Link: CVE-2026-33983

cve-icon Vulnrichment

Updated: 2026-03-31T15:32:01.448Z

cve-icon NVD

Status : Received

Published: 2026-03-30T22:16:19.407

Modified: 2026-03-30T22:16:19.407

Link: CVE-2026-33983

cve-icon Redhat

Severity : Important

Publid Date: 2026-03-30T21:42:27Z

Links: CVE-2026-33983 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-03-31T20:39:57Z

Weaknesses