FreeRDP: DoS via WINPR_ASSERT in IMA ADPCM audio decoder (dsp.c:331)

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a malicious RDP server can crash the FreeRDP client by sending audio data in IMA ADPCM format with an invalid initial step index value (>= 89). The unvalidated step index is read directly from the network and used to index into a 89-entry lookup table, triggering a WINPR_ASSERT() failure and process abort via SIGABRT. This affects any FreeRDP client that has audio redirection (RDPSND) enabled, which is the default configuration. This issue has been patched in version 3.24.2.

N/A

可达断言

FreeRDP 安全漏洞

FreeRDP是FreeRDP团队的一款开源的远程桌面协议（RDP）的实现。 FreeRDP 3.24.2之前版本存在安全漏洞，该漏洞源于恶意RDP服务器发送具有无效初始步进索引值的IMA ADPCM格式音频数据，触发断言失败和进程中止，可能导致启用音频重定向的FreeRDP客户端崩溃。

N/A

N/A