CVE-2024-32662

Name	CVE-2024-32662
Description	FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read. This occurs when `WCHAR` string is read with twice the size it has and converted to `UTF-8`, `base64` decoded. The string is only used to compare against the redirection server certificate. Version 3.5.1 contains a patch for the issue. No known workarounds are available.
Source	CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
freerdp2 (PTS)	bullseye	2.3.0+dfsg1-2+deb11u1	fixed
	bullseye (security)	2.3.0+dfsg1-2+deb11u3	fixed
	bookworm	2.10.0+dfsg1-1	fixed
freerdp3 (PTS)	trixie	3.15.0+dfsg-2.1	fixed
	forky, sid	3.17.2+dfsg-3	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
freerdp2	source	(unstable)	(not affected)
freerdp3	source	(unstable)	3.5.1+dfsg1-1

Notes

- freerdp2 <not-affected> (Vulnerable code not present)
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vffh-j6hh-95f4
https://github.com/FreeRDP/FreeRDP/commit/626d10a94a88565d957ddc30768ed08b320049a7 (3.5.1)
Introduced by: https://github.com/FreeRDP/FreeRDP/commit/ae8f0106bd9d79dc0369c19b632c5112338ecad4 (3.0.0-beta1)