Description
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, progressive_decompress_tile_upgrade() detects a mismatch via progressive_rfx_quant_cmp_equal() but only emits WLog_WARN, execution continues. The wrapped value (247) is used as a shift exponent, causing undefined behavior and an approximately 80 billion iteration loop (CPU DoS). This issue has been patched in version 3.24.2.
Published: 2026-03-30
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: CPU Denial of Service
Action: Immediate Patch
AI Analysis

Impact

The vulnerability originates from a byte underflow in the progressive codec quantization routine of FreeRDP, causing an undefined shift operation that triggers an astronomic 80‑billion‑iteration loop. This loop consumes CPU resources and renders the RDP client unresponsive, resulting in a denial‑of‑service condition. The flaw does not provide code execution or data exposure, but it can degrade availability of the affected system.

Affected Systems

FreeRDP, the open‑source Remote Desktop Protocol client, is impacted. All releases before version 3.24.2 contain the flaw; the patch was applied in version 3.24.2 and later.

Risk and Exploitability

The CVSS score of 6.5 indicates a moderate severity, while an EPSS score below 1% shows a low likelihood of exploitation. It is not listed in the CISA KEV catalog. Based on the description, it is inferred that an attacker would need to send a crafted RDP packet to the vulnerable client in order to trigger the CPU‑bound loop. This does not grant remote code execution or compromise confidentiality, but it can exhaust system resources and interrupt remote sessions.

Generated by OpenCVE AI on April 2, 2026 at 04:57 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update FreeRDP to version 3.24.2 or later.
  • Verify that the installed package is the patched release.
  • Monitor RDP service logs for warning messages that may indicate the issue.

Generated by OpenCVE AI on April 2, 2026 at 04:57 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 01 Apr 2026 23:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:*

Wed, 01 Apr 2026 02:15:00 +0000

Type Values Removed Values Added
First Time appeared Freerdp
Freerdp freerdp
Vendors & Products Freerdp
Freerdp freerdp
References
Metrics threat_severity

None

 threat_severity

Important

Tue, 31 Mar 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 31 Mar 2026 03:00:00 +0000

Type Values Removed Values Added
Description FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, progressive_decompress_tile_upgrade() detects a mismatch via progressive_rfx_quant_cmp_equal() but only emits WLog_WARN, execution continues. The wrapped value (247) is used as a shift exponent, causing undefined behavior and an approximately 80 billion iteration loop (CPU DoS). This issue has been patched in version 3.24.2.
Title FreeRDP: Progressive Codec Quant BYTE Underflow - UB + CPU DoS
Weaknesses CWE-190
CWE-252
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H'}

Subscriptions

Freerdp Freerdp
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-31T15:32:05.510Z

Reserved: 2026-03-24T22:20:06.210Z

Link: CVE-2026-33983

cve-icon Vulnrichment

Updated: 2026-03-31T15:32:01.448Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-30T22:16:19.407

Modified: 2026-04-01T20:03:24.513

Link: CVE-2026-33983

cve-icon Redhat

Severity : Important

Publid Date: 2026-03-30T21:42:27Z

Links: CVE-2026-33983 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-02T07:53:53Z

Weaknesses