vulnerability
SUSE: CVE-2024-32040: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:C/A:C) | Apr 22, 2024 | May 13, 2024 | Dec 5, 2025 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
Apr 22, 2024
Added
May 13, 2024
Modified
Dec 5, 2025
Description
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 and have connections to servers using the `NSC` codec are vulnerable to integer underflow. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use the NSC codec (e.g. use `-nsc`).
Solutions
suse-upgrade-freerdpsuse-upgrade-freerdp-develsuse-upgrade-freerdp-proxysuse-upgrade-freerdp-proxy-pluginssuse-upgrade-freerdp-sdlsuse-upgrade-freerdp-serversuse-upgrade-freerdp-waylandsuse-upgrade-libfreerdp-server-proxy3-3suse-upgrade-libfreerdp2suse-upgrade-libfreerdp3-3suse-upgrade-librdtk0-0suse-upgrade-libuwac0-0suse-upgrade-libwinpr2suse-upgrade-libwinpr3-3suse-upgrade-uwac0-0-develsuse-upgrade-winpr-develsuse-upgrade-winpr2-devel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.