FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.5.1, a malicious server can crash the FreeRDP client by sending invalid huge allocation size. Version 3.5.1 contains a patch for the issue. No known workarounds are available.
{ "vanir_signatures": [ { "digest": { "line_hashes": [ "98830868541198649619607903992892905103", "226020367808982940165966883611020331730", "96209091937650497670729340190966596918", "68597771232672905448747460934967876969", "162044732484308792017951352105847723746", "326504844733085896892666274307317621505", "329690156736532059524590141505162705028", "248285287506203761962394932992882009432", "308160316885798277181335826747112610577", "94763354898628756087767298457319091231", "154844636336682889179901216075515499187", "37159298558627066816814247028513832067", "72487069367910799934599230940372489812", "32115507658897446478508603880977138723", "294609724532016567482121091644636464356", "65493452997018602111792554686413876744", "75632131311858889414169676597750720512", "187019031097965126367024086542149720430", "209425302958954328939102718034142567222", "240607709657651742411609192772339157862", "114855000961962168881505433138708675919", "120629071858108720174159868391902029779", "198379660654885751624294879516415708116", "63733460343293181873015587404318800358", "1935896111814404148501188144822823978", "282165691124398498463447462765178984235", "64406715929121521653807619913294831824", "221795253243264061548387284492022111333", "238417142289795488018802809977261345154", "273829268001441388899797732405667081852", "115631808952417382648779685705148162378", "87167311721689569441319189083002267006", "173993201544112695080312797135149634566", "232309812463104476196058766262375004141", "310754303071946827756161577055483421637", "282968664398830735931325503847759908372", "256216234225045447657750805627449234039", "168504166255287033643095301066694785797", "100394278071943054705519369221604085315", "307164828607839666218062813379681665796", "97039369569710529398710356863848233578", "85847353457284237677959316428320400226", "95631469203467702773760590192628309777", "297433281680868385924423977830933093708", "176260964910881623502285905975088983566", "98207834689413365980693203784125073613", "289350385912816381219847571713203478226", "333074141710635353878506192750459148821", "221872028253750179126210578171219319665", "172796526059993685080506408593530779687", "233079194992539652562042159116767328913", "99474893695458785940087175476406851540" ], "threshold": 0.9 }, "source": "https://github.com/freerdp/freerdp/commit/5e5d27cf310e4c10b854be7667bfb7a5d774eb47", "signature_version": "v1", "id": "CVE-2024-32660-10b04e12", "target": { "file": "libfreerdp/codec/zgfx.c" }, "signature_type": "Line", "deprecated": false }, { "digest": { "length": 1537.0, "function_hash": "81761183092985760791528463204255662787" }, "source": "https://github.com/freerdp/freerdp/commit/5e5d27cf310e4c10b854be7667bfb7a5d774eb47", "signature_version": "v1", "id": "CVE-2024-32660-29ec272d", "target": { "file": "libfreerdp/codec/zgfx.c", "function": "zgfx_decompress" }, "signature_type": "Function", "deprecated": false } ] }