FreeRDP Heap Use-After-Free Vulnerability in urb_select_interface Function

Vulnerability

A heap use-after-free vulnerability affects FreeRDP versions prior to 3.22.0. The issue arises in the 'urb_select_interface' function, which on an error path mistakenly frees the device's MS configuration while the device still holds a pointer to it. Subsequent code dereferences that freed memory, producing a use-after-free in 'libusb_udev_select_interface'. Because the error path is reachable from data sent by the server, a malicious server can trigger the condition in a connecting client, causing a client-side crash and potentially code execution, depending on the behavior of the memory allocator and the layout of the heap.
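The defect class described above is an ownership mistake on an error path: a callee frees an object that its caller still owns and still references. The following C program is an added illustration of that pattern and of the corrected discipline; it is not FreeRDP's code, and every type and function name in it (DevConfig, Device, select_interface_vulnerable, select_interface_fixed, device_release_config, device_select_and_query) is hypothetical. The vulnerable variant is compiled for comparison only and is never executed, since dereferencing freed memory is undefined behavior.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical device state, loosely modelled on the advisory's description.
 * None of these types exist in FreeRDP. */
typedef struct {
    uint8_t interface_count;
    uint8_t *alt_settings;   /* one alternate-setting slot per interface */
} DevConfig;

typedef struct {
    DevConfig *config;       /* owned by the Device, not by helper functions */
} Device;

DevConfig *config_new(uint8_t n)
{
    DevConfig *c = calloc(1, sizeof(*c));
    if (!c)
        return NULL;
    c->alt_settings = calloc(n ? n : 1, sizeof(uint8_t));
    if (!c->alt_settings) {
        free(c);
        return NULL;
    }
    c->interface_count = n;
    return c;
}

void config_free(DevConfig *c)
{
    if (!c)
        return;
    free(c->alt_settings);
    free(c);
}

/* VULNERABLE PATTERN (never called here): on the error path the callee frees
 * the caller-owned config but leaves dev->config dangling. Any later access
 * through dev->config is a use-after-free. */
int select_interface_vulnerable(Device *dev, uint8_t iface, uint8_t alt)
{
    if (iface >= dev->config->interface_count) {
        config_free(dev->config);   /* ownership violated */
        return -1;
    }
    dev->config->alt_settings[iface] = alt;
    return 0;
}

/* FIXED PATTERN: report failure and leave the config untouched. The object
 * still belongs to the Device, so only the Device's teardown may free it. */
int select_interface_fixed(Device *dev, uint8_t iface, uint8_t alt)
{
    DevConfig *cfg = dev->config;
    if (!cfg || iface >= cfg->interface_count)
        return -1;
    cfg->alt_settings[iface] = alt;
    return 0;
}

/* Single teardown path: release once and clear the pointer, so a later
 * misuse dereferences NULL (a deterministic crash) rather than freed memory. */
void device_release_config(Device *dev)
{
    config_free(dev->config);
    dev->config = NULL;
}

/* Caller that checks the return code before touching config state.
 * Returns the stored alternate setting, or -1 on failure. */
int device_select_and_query(Device *dev, uint8_t iface, uint8_t alt)
{
    if (select_interface_fixed(dev, iface, alt) != 0)
        return -1;
    return dev->config->alt_settings[iface];
}

int main(void)
{
    Device d;
    memset(&d, 0, sizeof(d));
    d.config = config_new(2);          /* constructed sample device with 2 interfaces */
    if (!d.config)
        return 1;
    int ok = device_select_and_query(&d, 1, 3);   /* valid: returns 3 */
    int bad = device_select_and_query(&d, 5, 1);  /* out of range: returns -1, config intact */
    device_release_config(&d);
    device_release_config(&d);         /* idempotent: second call is a no-op */
    return (ok == 3 && bad == -1 && d.config == NULL) ? 0 : 1;
}
```

The point the fixed variant makes is that a helper which cannot complete its job should return an error and nothing else; freeing state it does not own turns every caller that reads that state afterwards into a use-after-free. Building with AddressSanitizer (-fsanitize=address) turns the vulnerable variant into a reported error at the first dereference, which is the cheapest way to catch this class in a test suite.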

Impact

Exploitation of this vulnerability causes a client-side crash and can corrupt the heap. Memory corruption of this kind often allows arbitrary code execution, depending on the behavior of the memory allocator and the surrounding heap layout.

Remediation

Users can upgrade to FreeRDP version 3.22.0 or later to address this vulnerability.

Added: Feb 9, 2026, 7:25 PM
Updated: Feb 9, 2026, 10:04 PM

Vulnerability Rating

Custom Algorithm

spread:         5.4
impact:         2.5
exploitability: 6.0
remediation:    7.7
relevance:      2.8
threat:         6.4
urgency:        2.9
incentive:      0.0

Our algorithm analyzes dozens of metrics to generate these eight vulnerability categories, which are then combined to calculate the overall risk score.