VYPR
Unrated severityNVD Advisory· Published Apr 22, 2024· Updated Nov 3, 2025

FreeRDP Integer overflow & OutOfBound Write in clear_decompress_residual_data

CVE-2024-32039

Description

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to integer overflow and out-of-bounds write. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use /gfx options (e.g. deactivate with /bpp:32 or /rfx as it is on by default).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

11

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.