Lucene search
PRIOn knowledge basePRION:CVE-2023-40187HistoryAug 31, 2023 - 10:15 p.m.
Double free
2023-08-3122:15:00
PRIOn knowledge base
www.prio-n.com
3
freerdp
remote desktop protocol
use-after-free
avc functions
apache license
upgrade
nvd
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions of the 3.x beta branch are subject to a Use-After-Free issue in the avc420_ensure_buffer and avc444_ensure_buffer functions. If the value of piDstSize[x] is 0, ppYUVDstData[x] will be freed. However, in this case ppYUVDstData[x] will not have been updated which leads to a Use-After-Free vulnerability. This issue has been addressed in version 3.0.0-beta3. Users of the 3.x beta releases are advised to upgrade. There are no known workarounds for this vulnerability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| freerdp | eq | 3.0.0 beta1 | |
| freerdp | eq | 3.0.0 beta2 |
Related
redhatcve
redhatcve
CVE-2023-40187
2023-09-05 15:14:21
osv
osv
CVE-2023-40187
2023-08-31 22:15:08
nvd
nvd
CVE-2023-40187
2023-08-31 22:15:08
ubuntucve
ubuntucve
CVE-2023-40187
2023-08-31 00:00:00
cve
cve
CVE-2023-40187
2023-08-31 22:15:08
debiancve
debiancve
CVE-2023-40187
2023-08-31 22:15:08
cvelist
cvelist
CVE-2023-40187 Use-After-Free in FreeRDP
2023-08-31 21:21:12
redos
redos
ROS-20240328-03
2024-03-28 00:00:00
nessus
nessus
GLSA-202401-16 : FreeRDP: Multiple Vulnerabilities
2024-01-12 00:00:00
gentoo
gentoo
FreeRDP: Multiple Vulnerabilities
2024-01-12 00:00:00