CNNVD-202602-1318 Information

CNNVD ID

CNNVD-202602-1318

Related CVE

CVE-2026-24680

• CNNVD Published: 2026-02-09

Description (Chinese)

FreeRDP是FreeRDP团队的一款开源的远程桌面协议（RDP）的实现。 FreeRDP 3.22.0之前版本存在资源管理错误漏洞，该漏洞源于sdl_Pointer_New在失败时释放数据，随后pointer_free再次释放，可能导致释放后重用。

Description (English)

FreeRDP is an open-source remote desktop protocol (RDP) for the FreeRDP team. The previous version of FreeRDP 3.22.0 had a resource management error loophole, which originated from the release of data by sdl Pointer New in the event of failure and subsequent re-release of pointer free, which could lead to reuse after release.

Vulnerability Type

资源管理错误

Affected Vendor

FreeRDP

Published

2026-02-09

Last Modified

2026-02-24

References

https://github.com/FreeRDP/FreeRDP/commit/c42ecbd183b001e76bfc3614cddfad0034acc758 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-j893-9wg8-33rc

Patch

https://github.com/FreeRDP/FreeRDP/releases