CVE-2026-23732
Published: 19 January 2026
Summary
CVE-2026-23732 is a high-severity Heap-based Buffer Overflow (CWE-122) vulnerability in FreeRDP. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation of Remote Services (T1210). The vulnerability ranks at the 32.4th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
Threat & Defense at a Glance
Threat & Defense Details
MITRE ATT&CK Enterprise Techniques
Why these techniques?
A buffer overflow in the FreeRDP client lets a malicious RDP server trigger a DoS by sending crafted FastGlyph data over the protocol.
NVD Description
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, FastGlyph parsing trusts `cbData`/remaining length and never validates against the minimum size implied by `cx/cy`. A malicious server can trigger a client-side global buffer overflow, causing a crash (DoS). Version 3.21.0 contains a patch for the issue.
Deeper analysis
CVE-2026-23732 is a buffer overflow vulnerability (CWE-122) in the FastGlyph parsing functionality of FreeRDP, a free implementation of the Remote Desktop Protocol (RDP). In versions prior to 3.21.0, the parser trusts the `cbData` or remaining length fields without validating them against the minimum size implied by the `cx` and `cy` dimensions, leading to a client-side global buffer overflow. The issue carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), highlighting its potential for high-impact denial of service.
A malicious RDP server can exploit this vulnerability against any client using a vulnerable FreeRDP version by sending crafted FastGlyph data during a connection. No special privileges or user interaction are required, and exploitation occurs over the network with low complexity. Successful exploitation results in a client crash, enabling denial-of-service (DoS) attacks that disrupt remote desktop sessions.
Mitigation is addressed in FreeRDP version 3.21.0, which includes a patch for the FastGlyph parsing issue, as detailed in the project's GitHub release notes and related code changes in files such as glyph.c, color.c, graphics.c, and orders.c. Security practitioners should advise users to update to 3.21.0 or later and avoid connecting to untrusted RDP servers.
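The defect described above is a length-consistency gap: the parser accepts a server-supplied `cbData` that fits in the remaining stream, but never checks that `cbData` actually covers the bytes a `cx`-by-`cy` glyph requires, so later code walks past the end of the data it was handed. The following added C example, written for this page and not taken from FreeRDP's source, contrasts that vulnerable length check with a hardened one. The glyph layout (1 bit per pixel, rows of `cx` pixels, each glyph padded to a multiple of 4 bytes), the `fast_glyph_t` struct, the 32-pixel dimension cap and the sample byte buffer are all assumptions constructed for illustration, not FreeRDP's actual wire format or identifiers.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified view of one FastGlyph cache entry (not FreeRDP's
 * real struct): a 1bpp bitmap of cy rows, each cx pixels wide. */
typedef struct {
    uint32_t cx;
    uint32_t cy;
    uint32_t cbData;      /* byte count claimed by the server */
    const uint8_t *data;  /* glyph bitmap bytes the server sent */
    size_t remaining;     /* bytes actually left in the input stream */
} fast_glyph_t;

/* Minimum bytes a cx-by-cy 1bpp glyph needs. The round-up to a multiple of
 * 4 is an assumed padding rule for this example. Returns 0 if the arithmetic
 * itself would overflow, so callers treat 0 as "reject". */
static size_t glyph_min_bytes(uint32_t cx, uint32_t cy)
{
    size_t stride = ((size_t)cx + 7) / 8;      /* bytes per row */
    if (cy != 0 && stride > SIZE_MAX / cy)
        return 0;                              /* stride * cy would overflow */
    size_t cb = stride * cy;
    if (cb > SIZE_MAX - 3)
        return 0;
    return (cb + 3) & ~(size_t)3;              /* assumed 4-byte padding */
}

/* Vulnerable pattern: only checks that cbData fits in the stream. A glyph
 * with cx/cy implying far more bytes than cbData is still accepted. */
static bool glyph_check_vulnerable(const fast_glyph_t *g)
{
    return g->cbData <= g->remaining;
}

/* Hardened pattern: reject degenerate or oversized dimensions, keep the
 * stream-length check, and additionally require cbData to cover the size
 * implied by cx/cy before anything reads the bitmap. */
static bool glyph_check_hardened(const fast_glyph_t *g, uint32_t max_dim)
{
    if (g->cx == 0 || g->cy == 0 || g->cx > max_dim || g->cy > max_dim)
        return false;
    if (g->cbData > g->remaining)
        return false;
    size_t need = glyph_min_bytes(g->cx, g->cy);
    if (need == 0)
        return false;
    return g->cbData >= need;
}

/* Constructed sample payload: 64 zero bytes standing in for glyph data. */
static const uint8_t kSampleGlyphBytes[64] = {0};

/* Helpers that build an entry from scalars so each check is easy to exercise. */
static bool sample_vulnerable_accepts(uint32_t cx, uint32_t cy,
                                      uint32_t cbData, size_t remaining)
{
    fast_glyph_t g = { cx, cy, cbData, kSampleGlyphBytes, remaining };
    return glyph_check_vulnerable(&g);
}

static bool sample_hardened_accepts(uint32_t cx, uint32_t cy,
                                    uint32_t cbData, size_t remaining)
{
    fast_glyph_t g = { cx, cy, cbData, kSampleGlyphBytes, remaining };
    return glyph_check_hardened(&g, 32);       /* 32: assumed dimension cap */
}

/* Copy a glyph into a fixed client-side buffer only after the hardened
 * check passes. Returns bytes copied, or 0 when the entry is rejected. */
static size_t sample_copy_len(uint32_t cx, uint32_t cy,
                              uint32_t cbData, size_t remaining)
{
    static uint8_t client_buf[64];
    fast_glyph_t g = { cx, cy, cbData, kSampleGlyphBytes, remaining };
    if (!glyph_check_hardened(&g, 32))
        return 0;
    size_t need = glyph_min_bytes(cx, cy);
    if (need > sizeof client_buf)
        return 0;
    memcpy(client_buf, g.data, need);
    return need;
}

int main(void)
{
    /* A 16x8 glyph needs 16 bytes; a server claiming only 4 bytes of data
     * passes the vulnerable check but is rejected by the hardened one. */
    printf("16x8 cbData=4: vulnerable accepts=%d hardened accepts=%d\n",
           sample_vulnerable_accepts(16, 8, 4, 64),
           sample_hardened_accepts(16, 8, 4, 64));
    printf("16x8 cbData=16: copied %zu bytes\n", sample_copy_len(16, 8, 16, 64));
    return 0;
}
```

The hardened check does the derived-size validation first, then the stream-length check, so a consistent `cbData` can never be smaller than what the bitmap reader will consume. The same pattern applies to any parser where one field (here `cbData`) is meant to describe the bytes occupied by a structure whose real size is computed from other fields (`cx`, `cy`): both constraints must hold, not just one.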
Details
- CWE(s)