6 matches found
SUSE SLED15 / SLES15 Security Update : freerdp (SUSE-SU-2026:1633-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1633-1 advisory. - CVE-2026-25941: Out-of-Bounds Read in client RDPGFX channel via crafted WIRETOSURFACE2 PDU bsc1258919. -...
Linux Distros Unpatched Vulnerability : CVE-2026-27950
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the fix for the heap-use-after-free described in CVE-2026-24680 is...
CVE-2026-27950
A flaw was found in FreeRDP. An incomplete fix for a heap-use-after-free vulnerability CVE-2026-24680 in the SDL2 implementation allows a remote attacker to trigger a denial of service. The pointer is not nulled after being freed, which can lead to memory corruption. This issue means that...
CVE-2026-27950
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the fix for the heap-use-after-free described in CVE-2026-24680 is incomplete. While the vulnerable execution flow referenced in the advisory exists in the SDL2 implementation, the fix appears to have been...
CVE-2026-27950
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the fix for the heap-use-after-free described in CVE-2026-24680 is incomplete. While the vulnerable execution flow referenced in the advisory exists in the SDL2 implementation, the fix appears to have been...
CVE-2026-27950
CVE-2026-27950 affects FreeRDP prior to 3.23.0, where the heap-use-after-free described in the advisory is incompletely fixed in the SDL2 path (SDL3 path fix present). The SDL2 code path does not nulled the pointer after free, leaving a vulnerable execution flow in some builds/environments. A com...