Out-of-bounds Read in Freerdp
CVE-2026-31897
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, there is an out-of-bounds read in freerdp_bitmap_decompress_planar when SrcSize is 0. The function dereferences *srcp (which points to pSrcData) without firs…
Vulnerability class: Buffer Overflow
EPSS: 0.001 (18.2th percentile) — read the EPSS interpretation.
Affected products
- Freerdp — versions < 3.24.0
Weakness classification (CWE)
References
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-xgv6-r22m-7c9x (x_refsource_CONFIRM)
- https://github.com/FreeRDP/FreeRDP/commit/cd27c8faca0eeb0d4309cc5837dfdf3c42eba4e7 (x_refsource_MISC)