Out-Of-Bounds Read in FreeRDP
CVE-2023-40188
What is CVE-2023-40188?
The FreeRDP software, an open-source implementation of the Remote Desktop Protocol, is affected by an Out-Of-Bounds Read vulnerability in its general_LumaToYUV444 function. This vulnerability arises from insufficient validation of the in variable during processing, which can result in errors or crashes when the data length is inadequate. Users are urged to update to versions 2.11.0 or 3.0.0-beta3 to mitigate this risk, as there are no known workarounds available.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
FreeRDP < 2.11.0 < 2.11.0
FreeRDP >= 3.0.0-beta1, < 3.0.0-beta3 < 3.0.0-beta1, 3.0.0-beta3
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved
