CVE-2023-39351
FreeRDP Null Pointer Dereference leading denial of service
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions of FreeRDP are subject to a Null Pointer Dereference leading a crash in the RemoteFX (rfx) handling. Inside the `rfx_process_message_tileset` function, the program allocates tiles using `rfx_allocate_tiles` for the number of numTiles. If the initialization process of tiles is not completed for various reasons, tiles will have a NULL pointer. Which may be accessed in further processing and would cause a program crash. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability.
A flaw was found in FreeRDP. If the initialization process of tiles is incomplete, for various reasons, tiles will have a NULL pointer. This can be accessed in further processing, causing a program crash.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2023-07-28 CVE Reserved
- 2023-08-31 CVE Published
- 2024-08-02 CVE Updated
- 2024-08-02 First Exploit
- 2024-10-02 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-476: NULL Pointer Dereference
CAPEC
References (8)
URL | Date | SRC |
---|---|---|
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q9x9-cqjc-rgwq | 2024-08-02 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://access.redhat.com/security/cve/CVE-2023-39351 | 2024-04-30 | |
https://bugzilla.redhat.com/show_bug.cgi?id=2236779 | 2024-04-30 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Freerdp Search vendor "Freerdp" | Freerdp Search vendor "Freerdp" for product "Freerdp" | < 2.11.0 Search vendor "Freerdp" for product "Freerdp" and version " < 2.11.0" | - |
Affected
| ||||||
Freerdp Search vendor "Freerdp" | Freerdp Search vendor "Freerdp" for product "Freerdp" | 3.0.0 Search vendor "Freerdp" for product "Freerdp" and version "3.0.0" | beta1 |
Affected
| ||||||
Freerdp Search vendor "Freerdp" | Freerdp Search vendor "Freerdp" for product "Freerdp" | 3.0.0 Search vendor "Freerdp" for product "Freerdp" and version "3.0.0" | beta2 |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 37 Search vendor "Fedoraproject" for product "Fedora" and version "37" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 38 Search vendor "Fedoraproject" for product "Fedora" and version "38" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 39 Search vendor "Fedoraproject" for product "Fedora" and version "39" | - |
Affected
|