CNNVD-202602-1321 Information

CNNVD ID

CNNVD-202602-1321

Related CVE

CVE-2026-24676

• CNNVD Published: 2026-02-09

Description (Chinese)

FreeRDP是FreeRDP团队的一款开源的远程桌面协议（RDP）的实现。 FreeRDP 3.22.0之前版本存在资源管理错误漏洞，该漏洞源于AUDIN格式重新协商释放活动格式列表而捕获线程继续使用audin->format，可能导致释放后重用。

Description (English)

FreeRDP is an open-source remote desktop protocol (RDP) for the FreeRDP team. Prior to FreeRDP 3.22.0, there was a resource management error loophole, which originated from the AUDIN format renegotiating the release activity format list and the continued use of adin->format for the capture thread, which could lead to reuse after release.

Vulnerability Type

资源管理错误

Affected Vendor

FreeRDP

Published

2026-02-09

Last Modified

2026-02-24

References

https://github.com/FreeRDP/FreeRDP/commit/026b81ae5831ac1598d8f7371e0d0996fac7db00 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qh5p-frq4-pgxj

Patch

https://github.com/FreeRDP/FreeRDP/releases