Unrated severity · NVD Advisory · Published Mar 13, 2026 · Updated Mar 13, 2026
FreeRDP has an out-of-bounds read in `freerdp_bitmap_decompress_planar`
CVE-2026-31897
Description
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, there is an out-of-bounds read in `freerdp_bitmap_decompress_planar` when `SrcSize` is 0. The function dereferences `*srcp` (which points to `pSrcData`) without first verifying that `SrcSize >= 1`. When `SrcSize` is 0 and `pSrcData` is non-NULL, this reads one byte past the end of the source buffer. This vulnerability is fixed in 3.24.0.
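The missing length check described above, as an added C example (a simplified model written for this page, not FreeRDP's code). The function names and the `backing` canary byte are hypothetical and constructed so that the unchecked read is observable without undefined behaviour.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified model of the pattern in the description; names are hypothetical,
 * not FreeRDP's. Each reader returns the first source byte, or -1 on error. */

/* Before: dereferences the cursor without checking that SrcSize >= 1. */
static int read_header_unchecked(const uint8_t *pSrcData, uint32_t SrcSize)
{
    const uint8_t *srcp = pSrcData;
    (void)SrcSize;              /* the length is never consulted */
    if (!pSrcData)
        return -1;
    return *srcp;               /* past the end when SrcSize == 0 */
}

/* After: reject an empty source before the first read. */
static int read_header_checked(const uint8_t *pSrcData, uint32_t SrcSize)
{
    const uint8_t *srcp = pSrcData;
    if (!pSrcData || SrcSize < 1)
        return -1;
    return *srcp;
}

/* Constructed input: a zero-length source whose pointer is non-NULL.
 * backing[0] stands in for whatever byte lies just past the empty buffer. */
static uint8_t backing[1] = { 0xA5 };

static int demo_unchecked_empty(void) { return read_header_unchecked(backing, 0); }
static int demo_checked_empty(void)   { return read_header_checked(backing, 0); }
static int demo_checked_valid(void)   { return read_header_checked(backing, 1); }

int main(void)
{
    printf("unchecked, SrcSize=0: %d\n", demo_unchecked_empty());
    printf("checked,   SrcSize=0: %d\n", demo_checked_empty());
    printf("checked,   SrcSize=1: %d\n", demo_checked_valid());
    return 0;
}
```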
Affected products (1)
Patches (0)
No patches discovered yet.
References (2)
- github.com/FreeRDP/FreeRDP/commit/cd27c8faca0eeb0d4309cc5837dfdf3c42eba4e7 (mitre, x_refsource_MISC)
- github.com/FreeRDP/FreeRDP/security/advisories/GHSA-xgv6-r22m-7c9x (mitre, x_refsource_CONFIRM)