Division by zero in FreeRDP - #VU136924
Published: July 6, 2026
FreeRDP
Detailed vulnerability description
The vulnerability allows a remote user to cause a denial of service.
The vulnerability exists due to divide by zero in rdpsnd_server_select_format when processing client-supplied audio format parameters. A remote user can advertise a specially crafted audio format to cause a denial of service.
The issue affects the server-side rdpsnd virtual channel and can result in a SIGFPE.