CVE-2024-22211

FreeRDP is a set of free and open source remote desktop protocol library and clients. In affected versions an integer overflow in `freerdp_bitmap_planar_context_reset` leads to heap-buffer overflow. This affects FreeRDP based clients. FreeRDP based server implementations and proxy are not affected. A malicious server could prepare a `RDPGFX_RESET_GRAPHICS_PDU` to allocate too small buffers, possibly triggering later out of bound read/write. Data extraction over network is not possible, the buffers are used to display an image. This issue has been addressed in version 2.11.5 and 3.2.0. Users are advised to upgrade. there are no know workarounds for this vulnerability.

CVSS v3 3.7 LOW

3.7^/10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 2.5

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://github.com/FreeRDP/FreeRDP/commit/939e922936e9c3ae8fc204968645e5e7563a2fff	Patch
https://github.com/FreeRDP/FreeRDP/commit/aeac3040cc99eeaff1e1171a822114c857b9dca9	Patch
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rjhp-44rv-7v59	Exploit Patch Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/44VOA5KQQT7KQPW7CLST4Y4SQTKK3IOU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PIQE3YSPOJPAUS7DPWIBTR5IQSQX35VM/
https://github.com/FreeRDP/FreeRDP/commit/939e922936e9c3ae8fc204968645e5e7563a2fff	Patch
https://github.com/FreeRDP/FreeRDP/commit/aeac3040cc99eeaff1e1171a822114c857b9dca9	Patch
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rjhp-44rv-7v59	Exploit Patch Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/44VOA5KQQT7KQPW7CLST4Y4SQTKK3IOU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PIQE3YSPOJPAUS7DPWIBTR5IQSQX35VM/

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:freerdp:freerdp::::::::
	cpe:2.3:a:freerdp:freerdp::::::::

History

21 Nov 2024, 08:55

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~9.8~~	v2 : unknown v3 : 3.7
References	~~() https://github.com/FreeRDP/FreeRDP/commit/939e922936e9c3ae8fc204968645e5e7563a2fff - Patch~~	() https://github.com/FreeRDP/FreeRDP/commit/939e922936e9c3ae8fc204968645e5e7563a2fff - Patch
References	~~() https://github.com/FreeRDP/FreeRDP/commit/aeac3040cc99eeaff1e1171a822114c857b9dca9 - Patch~~	() https://github.com/FreeRDP/FreeRDP/commit/aeac3040cc99eeaff1e1171a822114c857b9dca9 - Patch
References	~~() https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rjhp-44rv-7v59 - Exploit, Patch, Vendor Advisory~~	() https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rjhp-44rv-7v59 - Exploit, Patch, Vendor Advisory
References	~~() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/44VOA5KQQT7KQPW7CLST4Y4SQTKK3IOU/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/44VOA5KQQT7KQPW7CLST4Y4SQTKK3IOU/ -
References	~~() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PIQE3YSPOJPAUS7DPWIBTR5IQSQX35VM/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PIQE3YSPOJPAUS7DPWIBTR5IQSQX35VM/ -

17 Feb 2024, 02:15

Type	Values Removed	Values Added
References		() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/44VOA5KQQT7KQPW7CLST4Y4SQTKK3IOU/ - () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PIQE3YSPOJPAUS7DPWIBTR5IQSQX35VM/ -

26 Jan 2024, 20:24

Type	Values Removed	Values Added
CPE		cpe:2.3:a:freerdp:freerdp::::::::
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 9.8
CWE	~~CWE-122~~
References	~~() https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rjhp-44rv-7v59 -~~	() https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rjhp-44rv-7v59 - Exploit, Patch, Vendor Advisory
References	~~() https://github.com/FreeRDP/FreeRDP/commit/aeac3040cc99eeaff1e1171a822114c857b9dca9 -~~	() https://github.com/FreeRDP/FreeRDP/commit/aeac3040cc99eeaff1e1171a822114c857b9dca9 - Patch
References	~~() https://github.com/FreeRDP/FreeRDP/commit/939e922936e9c3ae8fc204968645e5e7563a2fff -~~	() https://github.com/FreeRDP/FreeRDP/commit/939e922936e9c3ae8fc204968645e5e7563a2fff - Patch

19 Jan 2024, 22:52

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-01-19 20:15

Updated : 2024-11-21 08:55

NVD link : CVE-2024-22211

Mitre link : CVE-2024-22211

CVE.ORG link : CVE-2024-22211

JSON object : View

Products Affected

freerdp

freerdp

CWE

CWE-122

Heap-based Buffer Overflow

CWE-190

Integer Overflow or Wraparound

3.7 /10