CNNVD-202602-1326 Information

CNNVD ID

CNNVD-202602-1326

Related CVE

CVE-2026-23948

• CNNVD Published: 2026-02-09

Description (Chinese)

FreeRDP是FreeRDP团队的一款开源的远程桌面协议（RDP）的实现。 FreeRDP 3.22.0之前版本存在代码问题漏洞，该漏洞源于rdp_write_logon_info_v2函数存在空指针取消引用，可能导致恶意RDP服务器使FreeRDP代理崩溃。

Description (English)

FreeRDP is an open-source remote desktop protocol (RDP) for the FreeRDP team. There is a code problem loophole in the pre-FreeRDP 3.22.0 version, which stems from the empty pointer cancellation reference in the rdp write logon info v2 function, which may cause the malicious RDP server to crash FreeRDP agent.

Vulnerability Type

代码问题

Affected Vendor

FreeRDP

Published

2026-02-09

Last Modified

2026-02-24

References

https://github.com/FreeRDP/FreeRDP/commit/4d44e3c097656a8b9ec696353647b0888ca45860 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6f3c-qvqq-2px5

Patch

https://github.com/FreeRDP/FreeRDP/releases