CVE-2024-32659

9.8 CRITICAL

📋 TL;DR

FreeRDP-based clients prior to version 3.5.1 contain an out-of-bounds read (CWE-125) in the image-copy path used to decode bitmap data from the server: when a malicious server supplies image data whose width and height are both zero, the client reads past the bounds of its buffer. The result is a client crash or disclosure of client memory contents. Any system that uses a vulnerable FreeRDP client to connect to a server it does not fully trust is affected.

💻 Affected Systems

Products:
  • FreeRDP
Versions: All versions prior to 3.5.1
Operating Systems: Linux, Windows, macOS, BSD
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects FreeRDP-based clients, not servers. The bug is triggered by data sent from the server, so the client must connect to a malicious (or on-path, impersonated) RDP server. Distributions also ship the older 2.x branch (packaged as freerdp2 on Debian/Ubuntu); that branch receives a separate backported fix, so check the vendor advisory and your distribution's security tracker for the patched 2.x release rather than comparing against 3.5.1.

📦 What is this software?

FreeRDP is a free, open-source implementation of the Remote Desktop Protocol (RDP), released under the Apache License. It provides the libfreerdp/libwinpr libraries and client programs such as xfreerdp (X11), wlfreerdp (Wayland), and sdl-freerdp, and is embedded as the RDP backend in many other clients (for example Remmina and GNOME Connections), so a vulnerable library version can be present even where the xfreerdp binary is not installed.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Disclosure of sensitive client memory (credentials, clipboard or session data held by the client process) to the malicious server, combined with reliable client crashes. CWE-125 is a read primitive, so remote code execution is not a realistic direct outcome of this bug on its own; it would require chaining with a separate write or control-flow vulnerability.

🟠 Likely Case

Denial of service through client crashes, with possible leakage of memory contents if the out-of-bounds data is reflected back to the server or rendered on screen.

🟢 If Mitigated

Limited impact if clients only connect to known servers whose certificates are verified, and client hosts are segmented from untrusted networks.

🌐 Internet-Facing: MEDIUM - Requires the client to connect to a malicious server, but RDP clients are routinely used to reach untrusted environments (customer sites, cloud hosts, bastion jumps), and an on-path attacker can redirect a connection if the client does not verify the server certificate.
🏢 Internal Only: LOW - Internal RDP connections usually involve trusted servers, though a compromised internal host acting as a rogue RDP server, or a DNS/ARP redirect to one, still reaches the vulnerable code.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires the victim's client to connect to an attacker-controlled RDP server (or to a legitimate server's address that an on-path attacker has hijacked). The attacker needs no credentials, since the attacker controls the server side of the session and chooses what image data to send.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.5.1

Vendor Advisory: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-8jgr-7r33-x87w

Restart Required: Yes

Instructions:

1. Update FreeRDP to version 3.5.1 or later.
2. For package managers, install the distribution's patched build: 'sudo apt update && sudo apt upgrade' (Debian/Ubuntu, where the library is packaged as freerdp2 or freerdp3 depending on release) or 'sudo dnf update freerdp' (RHEL/Fedora). Distribution builds may carry the fix as a backport without changing the upstream version number, so consult the distribution's security tracker when the version string is below 3.5.1.
3. Restart any running FreeRDP client processes, including clients that embed libfreerdp (such as Remmina), since a patched library on disk does not protect a process that already has the old one loaded.

🔧 Temporary Workarounds

No known workarounds

The advisory states no workarounds are available. Patching is required.

🧯 If You Can't Patch

  • Restrict FreeRDP client usage to known, trusted RDP servers, and verify server certificates: do not run clients with certificate checking disabled (for example '/cert-ignore' in FreeRDP 2 or '/cert:ignore' in FreeRDP 3), because accepting any certificate lets an on-path attacker substitute a malicious server.
  • Implement network monitoring for RDP (TCP/3389) connections from client hosts to unexpected destinations.

🔍 How to Verify

Check if Vulnerable:

Check the FreeRDP version with 'xfreerdp --version' or equivalent. For the 3.x branch, a version below 3.5.1 is vulnerable. For the 2.x branch, or for clients that embed libfreerdp (Remmina, GNOME Connections), query the package manager for the installed library ('dpkg -l | grep -i freerdp' or 'rpm -qa | grep -i freerdp') and compare against the distribution's security advisory, since backports may not bump the upstream version.

Check Version:

xfreerdp --version

Verify Fix Applied:

Confirm version is 3.5.1 or higher with 'xfreerdp --version'.
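The check described above, written out as a script (an added example, not part of the advisory or the FreeRDP project). It parses the banner printed by `xfreerdp --version`, compares 3.x versions against the 3.5.1 fix release named on this page, and deliberately does not guess at a 2.x fix version: 2.x banners are flagged for comparison against the vendor advisory and the distribution's tracker. The sample banner strings are constructed stand-ins for real output.

```shell
#!/usr/bin/env bash
# Added example (not FreeRDP project code): classify an xfreerdp version banner
# against the 3.5.1 fix threshold for CVE-2024-32659.
set -eu

# Reduce "This is FreeRDP version 3.5.0 (3.5.0)" to "3.5.0".
extract_freerdp_version() {
  printf '%s\n' "$1" | sed -n 's/.*FreeRDP version \([0-9][0-9.]*\).*/\1/p'
}

# Compare two dotted numeric versions; prints -1, 0 or 1 (a<b, a==b, a>b).
# Pure bash so it does not depend on GNU sort -V.
version_cmp() {
  local a="$1" b="$2" i ai bi
  local -a A B
  IFS=. read -r -a A <<<"$a"
  IFS=. read -r -a B <<<"$b"
  for ((i = 0; i < 3; i++)); do
    ai=${A[i]:-0}
    bi=${B[i]:-0}
    if ((ai < bi)); then printf '%s\n' -1; return; fi
    if ((ai > bi)); then printf '%s\n' 1; return; fi
  done
  printf '%s\n' 0
}

# Classify a banner. 3.x is compared against 3.5.1; the 2.x branch is a separate
# release line whose fixed version is not stated on this page, so it is reported
# for a manual check instead of being marked fixed or vulnerable.
classify_freerdp() {
  local v major
  v=$(extract_freerdp_version "$1")
  [ -n "$v" ] || { printf 'UNKNOWN (could not parse version)\n'; return; }
  major=${v%%.*}
  case "$major" in
    3)
      if [ "$(version_cmp "$v" 3.5.1)" -lt 0 ]; then
        printf 'VULNERABLE (%s < 3.5.1)\n' "$v"
      else
        printf 'FIXED (%s >= 3.5.1)\n' "$v"
      fi ;;
    2) printf 'CHECK-ADVISORY (%s is the 2.x branch; confirm the backported fix for your distro package)\n' "$v" ;;
    *) printf 'UNKNOWN (%s)\n' "$v" ;;
  esac
}

# Constructed sample banners standing in for `xfreerdp --version` output.
SAMPLES=(
  "This is FreeRDP version 3.4.0 (3.4.0)"
  "This is FreeRDP version 3.5.1 (3.5.1)"
  "This is FreeRDP version 2.11.2 (n/a)"
)

main() {
  # Use the live banner when a client is installed; otherwise walk the samples.
  if command -v xfreerdp >/dev/null 2>&1; then
    classify_freerdp "$(xfreerdp --version 2>&1 | head -n 1)"
  else
    local s
    for s in "${SAMPLES[@]}"; do classify_freerdp "$s"; done
  fi
}

main
```

Run it on a fleet by wrapping `main` in your configuration-management or SSH loop; a CHECK-ADVISORY result on a 2.x host is a prompt to compare the package version with the distribution's fixed release, not a finding on its own.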

📡 Detection & Monitoring

Log Indicators:

  • FreeRDP client crashes with segmentation faults
  • Abnormal termination of RDP client processes

Network Indicators:

  • RDP connections (TCP/3389) from client hosts to untrusted or previously unseen servers
  • A client connection that is immediately followed by a crash of the client process, which is the pattern a server-triggered parsing fault produces

SIEM Query:

process.name:"xfreerdp" AND event.action:"terminated" AND exit_code:"139"

The field names above are illustrative (ECS-style) and must be mapped to your schema. Exit code 139 is the shell's encoding of SIGSEGV (128 + signal 11) and only appears when a shell launched the client; for processes started from a desktop session or systemd, look instead at the kernel's "segfault at ... in libfreerdp..." messages in the journal (journalctl -k) or at systemd-coredump records for xfreerdp and other libfreerdp consumers.
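The crash-based indicators above, run over sample log lines (an added example, not part of the original page or the FreeRDP project). The script extracts FreeRDP client segfaults from kernel-format log lines and decodes the x86 page-fault error code the kernel prints after "error", so an analyst can distinguish a read fault, which is what an out-of-bounds read like this one produces, from a write or instruction-fetch fault that would point at a different bug class. The log lines are constructed samples in the kernel's segfault message format, not real captures.

```shell
#!/usr/bin/env bash
# Added example (not FreeRDP project code): surface FreeRDP client crashes from
# kernel segfault messages and decode the x86 page-fault error code.
set -eu

# Decode the x86 page-fault error code (printed in hex by the kernel).
#   bit 0: protection violation (set) vs. not-present page (clear)
#   bit 1: write (set) vs. read (clear)
#   bit 2: user mode (set) vs. kernel mode (clear)
#   bit 4: instruction fetch
decode_fault_error() {
  local code=$((16#$1)) who access page
  (( code & 4 )) && who="user-mode" || who="kernel-mode"
  if (( code & 16 )); then access="instruction fetch"
  elif (( code & 2 )); then access="write"
  else access="read"; fi
  (( code & 1 )) && page="protection violation" || page="non-present page"
  printf '%s %s, %s\n' "$who" "$access" "$page"
}

# Print one report line per FreeRDP client segfault found in the log text on
# stdin. A line counts when the process is xfreerdp or the faulting object is a
# FreeRDP library (libfreerdp*, libwinpr*), which also catches embedding clients.
report_freerdp_segfaults() {
  local line re comm pid addr err obj
  re='([A-Za-z0-9_.-]+)\[([0-9]+)\]: segfault at ([0-9a-f]+) ip ([0-9a-f]+) sp ([0-9a-f]+) error ([0-9a-f]+) in ([^][ ]+)\['
  while IFS= read -r line; do
    [[ $line =~ $re ]] || continue
    comm=${BASH_REMATCH[1]}; pid=${BASH_REMATCH[2]}; addr=${BASH_REMATCH[3]}
    err=${BASH_REMATCH[6]}; obj=${BASH_REMATCH[7]}
    case "$comm:$obj" in
      xfreerdp:*|*:libfreerdp*|*:libwinpr*) ;;
      *) continue ;;
    esac
    printf 'pid=%s comm=%s fault_addr=0x%s object=%s cause="%s"\n' \
      "$pid" "$comm" "$addr" "$obj" "$(decode_fault_error "$err")"
  done
}

# Count of FreeRDP segfaults in the log text on stdin, for a threshold alert.
count_freerdp_segfaults() {
  report_freerdp_segfaults | wc -l | tr -d ' '
}

# Constructed sample lines in the kernel's segfault format (not real captures).
SAMPLE_LOG='Apr 23 10:14:02 ws01 kernel: xfreerdp[4242]: segfault at 7f3a1c200000 ip 00007f3a2b1e4c10 sp 00007ffd5a3b2e80 error 4 in libfreerdp3.so.3.4.0[7f3a2b100000+1e0000]
Apr 23 10:15:11 ws01 kernel: firefox[5150]: segfault at 0 ip 000055d0c0ffee00 sp 00007ffc12345678 error 6 in firefox[55d0c0f00000+400000]
Apr 23 10:16:45 ws01 kernel: xfreerdp[4311]: segfault at 7f9c00000ff8 ip 00007f9c0a21d3f0 sp 00007ffe01020304 error 4 in libwinpr3.so.3.4.0[7f9c0a200000+80000]'

main() {
  printf '%s\n' "$SAMPLE_LOG" | report_freerdp_segfaults
  printf 'total FreeRDP segfaults: %s\n' \
    "$(printf '%s\n' "$SAMPLE_LOG" | count_freerdp_segfaults)"
}

main
```

On a live host feed it with `journalctl -k --since -1h | report_freerdp_segfaults`; repeated user-mode read faults inside libfreerdp shortly after connections to an unfamiliar server are the signature worth escalating, whereas write or instruction-fetch faults would indicate something other than this read bug.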

🔗 References

  • Vendor advisory (GHSA-8jgr-7r33-x87w): https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-8jgr-7r33-x87w
  • NVD entry: https://nvd.nist.gov/vuln/detail/CVE-2024-32659