6 matches found
freerdp: FreeRDP: Denial of Service via crafted audio data in RDP
A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A remote attacker can exploit a sizet underflow vulnerability in the IMA-ADPCM and MS-ADPCM audio decoders by sending specially crafted audio data over the RDPSND audio channel. This underflow leads to a...
SUSE CVE-2026-31884
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, division by zero in MS-ADPCM and IMA-ADPCM decoders when nBlockAlign is 0, leading to a crash. In libfreerdp/codec/dsp.c, both ADPCM decoders use size % blocksize where blocksize = context-common.format.nBlockAlign...
CVE-2026-24684
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, the RDPSND async playback thread can process queued PDUs after the channel is closed and internal state is freed, leading to a use after free in rdpsndtreatwave. This vulnerability is fixed in 3.22.0...
UBUNTU-CVE-2026-24684
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, the RDPSND async playback thread can process queued PDUs after the channel is closed and internal state is freed, leading to a use after free in rdpsndtreatwave. This vulnerability is fixed in 3.22.0...
Fedora 18 : spice-0.12.4-1.fc18 (2013-14362)
New upstream bug-fix release 0.12.4 - Fixes a client triggerable abort CVE-2013-4130 - Add patches from upstream git to fix sound-channel-free crash rhbz986407 - Stop building spicec, it's obsolete and superseded by remote-viewer part of virt-viewer Note that Tenable Network Security has...
Fedora 19 : spice-0.12.4-1.fc19 (2013-14110)
New upstream bug-fix release 0.12.4 - Fixes a client triggerable abort CVE-2013-4130 - Add patches from upstream git to fix sound-channel-free crash rhbz986407 - Stop building spicec, it's obsolete and superseded by remote-viewer part of virt-viewer Note that Tenable Network Security has...