CNNVD-202602-1315 Information

CNNVD ID

CNNVD-202602-1315

Related CVE

CVE-2026-24683

• CNNVD Published: 2026-02-09

Description (Chinese)

FreeRDP是FreeRDP团队的一款开源的远程桌面协议（RDP）的实现。 FreeRDP 3.22.0之前版本存在资源管理错误漏洞，该漏洞源于ainput_send_input_event在本地变量中缓存channel_callback并在没有同步的情况下使用它，可能导致释放后重用。

Description (English)

FreeRDP is an open-source remote desktop protocol (RDP) for the FreeRDP team. FreeRDP 3.2.0 had a resource management error loophole that originated from the fact that ainput send input event caches chanel callback in local variables and uses it without synchronization, which could lead to reuse after release.

Vulnerability Type

资源管理错误

Affected Vendor

FreeRDP

Published

2026-02-09

Last Modified

2026-02-24

References

https://github.com/FreeRDP/FreeRDP/commit/d9ca272dce7a776ab475e9b1a8e8c3d2968c8486 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-45pf-68pj-fg8q

Patch

https://github.com/FreeRDP/FreeRDP/releases