CNNVD-202602-1316 Information

CNNVD ID

CNNVD-202602-1316

Related CVE

CVE-2026-24681

• CNNVD Published: 2026-02-09

Description (Chinese)

FreeRDP是FreeRDP团队的一款开源的远程桌面协议（RDP）的实现。 FreeRDP 3.22.0之前版本存在资源管理错误漏洞，该漏洞源于异步批量传输完成可在URBDRC通道关闭后使用已释放的通道回调，可能导致释放后重用。

Description (English)

FreeRDP is an open-source remote desktop protocol (RDP) for the FreeRDP team. The previous version of FreeRDP 3.22.0 had a resource management error loophole, which resulted from the completion of the round-trip transfer, which could be re-used after release using the released channel after the URBDRRC channel was closed.

Vulnerability Type

资源管理错误

Affected Vendor

FreeRDP

Published

2026-02-09

Last Modified

2026-02-24

References

https://github.com/FreeRDP/FreeRDP/commit/414f701464929c217f2509bcbd6d2c1f00f7ed73 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-ccvv-hg2w-6x9j

Patch

https://github.com/FreeRDP/FreeRDP/releases