FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, A capture thread sends sample responses using a freed channel callback after a device channel close, leading to a use after free in ecamchannelwrite. This vulnerability is fixed in 3.22.0.
{
"binaries": [
{
"binary_version": "3.16.0+dfsg-2ubuntu0.1",
"binary_name": "freerdp3-dev"
},
{
"binary_version": "3.16.0+dfsg-2ubuntu0.1",
"binary_name": "freerdp3-proxy"
},
{
"binary_version": "3.16.0+dfsg-2ubuntu0.1",
"binary_name": "freerdp3-proxy-modules"
},
{
"binary_version": "3.16.0+dfsg-2ubuntu0.1",
"binary_name": "freerdp3-sdl"
},
{
"binary_version": "3.16.0+dfsg-2ubuntu0.1",
"binary_name": "freerdp3-shadow-x11"
},
{
"binary_version": "3.16.0+dfsg-2ubuntu0.1",
"binary_name": "freerdp3-wayland"
},
{
"binary_version": "3.16.0+dfsg-2ubuntu0.1",
"binary_name": "freerdp3-x11"
},
{
"binary_version": "3.16.0+dfsg-2ubuntu0.1",
"binary_name": "libfreerdp-client3-3"
},
{
"binary_version": "3.16.0+dfsg-2ubuntu0.1",
"binary_name": "libfreerdp-server-proxy3-3"
},
{
"binary_version": "3.16.0+dfsg-2ubuntu0.1",
"binary_name": "libfreerdp-server3-3"
},
{
"binary_version": "3.16.0+dfsg-2ubuntu0.1",
"binary_name": "libfreerdp-shadow-subsystem3-3"
},
{
"binary_version": "3.16.0+dfsg-2ubuntu0.1",
"binary_name": "libfreerdp-shadow3-3"
},
{
"binary_version": "3.16.0+dfsg-2ubuntu0.1",
"binary_name": "libfreerdp3-3"
},
{
"binary_version": "3.16.0+dfsg-2ubuntu0.1",
"binary_name": "libwinpr-tools3-3"
},
{
"binary_version": "3.16.0+dfsg-2ubuntu0.1",
"binary_name": "libwinpr3-3"
},
{
"binary_version": "3.16.0+dfsg-2ubuntu0.1",
"binary_name": "libwinpr3-dev"
},
{
"binary_version": "3.16.0+dfsg-2ubuntu0.1",
"binary_name": "winpr3-utils"
}
],
"availability": "No subscription required"
}