FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the nsc_rle_decompress_data function. The Out-Of-Bounds Read occurs because it processes context->Planes without checking if it contains data of sufficient length. Should an attacker be able to leverage this vulnerability they may be able to cause a crash. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability.
{
"cna_assigner": "GitHub_M",
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/39xxx/CVE-2023-39354.json",
"cwe_ids": [
"CWE-125"
]
}{
"cpe": [
"cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:*",
"cpe:2.3:a:freerdp:freerdp:3.0.0:beta1:*:*:*:*:*:*",
"cpe:2.3:a:freerdp:freerdp:3.0.0:beta2:*:*:*:*:*:*"
],
"extracted_events": [
{
"introduced": "0"
},
{
"fixed": "2.11.0"
},
{
"introduced": "3.0.0-beta1"
},
{
"last_affected": "3.0.0-beta1"
},
{
"introduced": "3.0.0-beta2"
},
{
"last_affected": "3.0.0-beta2"
}
],
"source": [
"CPE_RANGE",
"CPE_STRING",
"REFERENCES"
]
}[
{
"id": "CVE-2023-39354-07953982",
"source": "https://github.com/freerdp/freerdp/commit/cd1da25a87358eb3b5512fd259310e95b19a05ec",
"signature_type": "Function",
"target": {
"file": "libfreerdp/codec/nsc.c",
"function": "nsc_rle_decode"
},
"signature_version": "v1",
"digest": {
"function_hash": "227645098702920897722399786104218899711",
"length": 854.0
},
"deprecated": false
},
{
"id": "CVE-2023-39354-39aeeb3f",
"source": "https://github.com/freerdp/freerdp/commit/cd1da25a87358eb3b5512fd259310e95b19a05ec",
"signature_type": "Line",
"target": {
"file": "libfreerdp/codec/nsc_types.h"
},
"signature_version": "v1",
"digest": {
"line_hashes": [
"123582285167663769338341195027140648392",
"209804153476220740174305888653063235139",
"241757855125844276388765278512457713246",
"179585166811709962021743128680035653314"
],
"threshold": 0.9
},
"deprecated": false
},
{
"id": "CVE-2023-39354-6b155cf3",
"source": "https://github.com/freerdp/freerdp/commit/cd1da25a87358eb3b5512fd259310e95b19a05ec",
"signature_type": "Function",
"target": {
"file": "libfreerdp/codec/nsc.c",
"function": "nsc_rle_decompress_data"
},
"signature_version": "v1",
"digest": {
"function_hash": "150007567039752564916414637537899547140",
"length": 737.0
},
"deprecated": false
},
{
"id": "CVE-2023-39354-b4ca54c9",
"source": "https://github.com/freerdp/freerdp/commit/cd1da25a87358eb3b5512fd259310e95b19a05ec",
"signature_type": "Line",
"target": {
"file": "libfreerdp/codec/nsc.c"
},
"signature_version": "v1",
"digest": {
"line_hashes": [
"250178124142207418393331080828240113658",
"321182183397613447571498679207254403223",
"301415756260293339095501592302150766739",
"240905790204619008903806382433087795439",
"118494738548475194551959233760285643868",
"277306073334495933612579467180323801735",
"87737890863243103794752534053072494746",
"156393909329298573555265176750289990365",
"161811641437175650723588941164817196215",
"283857799873118748120387690001911695273",
"291766332945540239478465706287076808732",
"301089306180167085693971087223036504842",
"6002239866669080581566310950601035677",
"252284156122299689129265873188512047386",
"23483620984783465817062723672124218562",
"288452946707311510173135259745546889882",
"226379668947525836027385906600569117824",
"19287231287907857042225931313467712643",
"261145021561412010306468050567499632474",
"328703999023281544499204192989557699360",
"284170130230110394051790079950846466585",
"12445669493864267667457417044870901374",
"310949963343327725005750406837384968167",
"57623227396509798319498495538040399862",
"326234836329751615857714331390187903944",
"59420444909444536915865445931643645923",
"2137765066437448295598675362217417653",
"269661033068971035552170611996211186198",
"54383102417166118466847785292607015365",
"106683909681454151943885189537091285594",
"244825513710967828033265126895879464952",
"24055499540214911007344701091703989279",
"157496067493061207555117538932521561551",
"258101359744560636965892631708393080867",
"123269398750748683484275736165616502458",
"174009819402698325786143062469359650284",
"316202520907451977498493386513348257261",
"206650018183930193025884714300700235031",
"185608383168243951596798408035876868704",
"10175151523337413196144430890346730751",
"277785289262369510617450755399671044666",
"48344597623850180610915791936665659731",
"259339560581869164122224349390400933443"
],
"threshold": 0.9
},
"deprecated": false
},
{
"id": "CVE-2023-39354-e6d6dcd4",
"source": "https://github.com/freerdp/freerdp/commit/cd1da25a87358eb3b5512fd259310e95b19a05ec",
"signature_type": "Function",
"target": {
"file": "libfreerdp/codec/nsc.c",
"function": "nsc_stream_initialize"
},
"signature_version": "v1",
"digest": {
"function_hash": "157210949240832481899102757688489241832",
"length": 560.0
},
"deprecated": false
}
]
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-39354.json"
"2026-07-09T14:25:37Z"