Описание
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xf_AppUpdateWindowFromSurface reuses a cached XImage whose data pointer references a freed RDPGFX surface buffer, because gdi_DeleteSurface frees surface->data without invalidating the appWindow->image that aliases it. Version 3.23.0 fixes the issue.
A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. This use-after-free vulnerability occurs because the xf_AppUpdateWindowFromSurface function reuses a cached image whose data pointer references a freed RDPGFX surface buffer. A remote attacker could exploit this flaw, potentially leading to a denial of service (DoS) condition.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | freerdp | Fix deferred | ||
| Red Hat Enterprise Linux 6 | freerdp | Fix deferred | ||
| Red Hat Enterprise Linux 7 | freerdp | Fix deferred | ||
| Red Hat Enterprise Linux 8 | freerdp | Fix deferred | ||
| Red Hat Enterprise Linux 9 | freerdp | Fix deferred |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
4.3 Medium
CVSS3
Связанные уязвимости
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_AppUpdateWindowFromSurface` reuses a cached `XImage` whose `data` pointer references a freed RDPGFX surface buffer, because `gdi_DeleteSurface` frees `surface->data` without invalidating the `appWindow->image` that aliases it. Version 3.23.0 fixes the issue.
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_AppUpdateWindowFromSurface` reuses a cached `XImage` whose `data` pointer references a freed RDPGFX surface buffer, because `gdi_DeleteSurface` frees `surface->data` without invalidating the `appWindow->image` that aliases it. Version 3.23.0 fixes the issue.
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior ...
4.3 Medium
CVSS3