Security Advisory

CVE-2026-33987

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-30 21:43:39

Last updated 2026-03-31 15:32:44

Assigner GitHub_M

State PUBLISHED

Description

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in persistent_cache_read_entry_v3() in libfreerdp/cache/persistent.c, persistent->bmpSize is updated before winpr_aligned_recalloc(). If realloc fails, bmpSize is inflated while bmpData points to the old buffer. This issue has been patched in version 3.24.2.

← Browse all CVEs View on cve.org ↗