Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
FreeRDP has heap-use-after-free in xf_cliprdr_provide_data_
Vulnerability Description
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_cliprdr_provide_data_` passes freed `pDstData` to `XChangeProperty` because the cliprdr channel thread calls `xf_cliprdr_server_format_data_response` which converts and uses the clipboard data without holding any lock, while the X11 event thread concurrently calls `xf_cliprdr_clear_cached_data` → `HashTable_Clear` which frees the same data via `xf_cached_data_free`, triggering a heap use after free. Version 3.23.0 fixes the issue.
CVSS Information
N/A
Vulnerability Type
释放后使用
Vulnerability Title
FreeRDP 安全漏洞
Vulnerability Description
FreeRDP是FreeRDP团队的一款开源的远程桌面协议(RDP)的实现。 FreeRDP 3.23.0之前版本存在安全漏洞,该漏洞源于xf_cliprdr_provide_data_将已释放的pDstData传递给XChangeProperty,可能导致堆释放后重用。
CVSS Information
N/A
Vulnerability Type
N/A