漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
FreeRDP has heap-use-after-free in rail_window_free
Vulnerability Description
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `rail_window_free` dereferences a freed `xfAppWindow` pointer during `HashTable_Free` cleanup because `xf_rail_window_common` calls `free(appWindow)` on title allocation failure without first removing the entry from the `railWindows` hash table, leaving a dangling pointer that is freed again on disconnect. Version 3.23.0 fixes the vulnerability.
CVSS Information
N/A
Vulnerability Type
释放后使用
Vulnerability Title
FreeRDP 资源管理错误漏洞
Vulnerability Description
FreeRDP是FreeRDP团队的一款开源的远程桌面协议(RDP)的实现。 FreeRDP 3.23.0之前版本存在资源管理错误漏洞,该漏洞源于rail_window_free中存在双重释放,可能导致释放后重用。
CVSS Information
N/A
Vulnerability Type
N/A