CNNVD-202602-1319 Information

CNNVD ID

CNNVD-202602-1319

Related CVE

CVE-2026-24678

• CNNVD Published: 2026-02-09

Description (Chinese)

FreeRDP是FreeRDP团队的一款开源的远程桌面协议（RDP）的实现。 FreeRDP 3.22.0之前版本存在资源管理错误漏洞，该漏洞源于捕获线程在设备通道关闭后使用已释放的通道回调发送样本响应，可能导致释放后重用。

Description (English)

FreeRDP is an open-source remote desktop protocol (RDP) for the FreeRDP team. Before FreeRDP 3.22.0, there was a resource management error loophole, which arose from the re-transmitting of a sample response using the released route after the device channel was closed, which could lead to reuse after release.

Hazard Level

High

Vulnerability Type

资源管理错误

Affected Vendor

FreeRDP

Published

2026-02-09

Last Modified

2026-02-24

References

https://github.com/FreeRDP/FreeRDP/commit/f3ab1a16139036179d9852745fdade18fec11600 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6gvg-29wx-6v7h https://access.redhat.com/security/cve/cve-2026-24678

Patch

https://github.com/FreeRDP/FreeRDP/releases