11 matches found
Amazon Linux 2023 : freerdp, freerdp-devel, freerdp-libs (ALAS2023-2026-1454)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1454 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, a NULL pointer dereference vulnerability in rdpwritelogoninfov2 allows a malicious RDP server to crash FreeRDP...
SUSE CVE-2026-27950
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the fix for the heap-use-after-free described in CVE-2026-24680 is incomplete. While the vulnerable execution flow referenced in the advisory exists in the SDL2 implementation, the fix appears to have been...
EUVD-2026-8754
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the fix for the heap-use-after-free described in CVE-2026-24680 is incomplete. While the vulnerable execution flow referenced in the advisory exists in the SDL2 implementation, the fix appears to have been...
PT-2026-22021
Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.23.0 Description FreeRDP is a free implementation of the Remote Desktop Protocol. A previous fix for a heap-use-after-free issue was incomplete. The vulnerable code exists in the SDL2 implementation, where a pointer...
Fedora: Security Advisory (FEDORA-2026-fa67f40526)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2026-24680
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, sdlPointerNew frees data on failure, then pointerfree calls sdlPointerFree and frees it again, triggering ASan UAF. This vulnerability is fixed in 3.22.0...
CVE-2026-24680
A heap buffer use after free has been discovered in FreeRDP. sdlPointerNew frees data on failure, then pointerfree calls sdlPointerFree and frees it again, triggering a program crash. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the R...
UBUNTU-CVE-2026-24680
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, sdlPointerNew frees data on failure, then pointerfree calls sdlPointerFree and frees it again, triggering ASan UAF. This vulnerability is fixed in 3.22.0...
CVE-2026-24680
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, sdlPointerNew frees data on failure, then pointerfree calls sdlPointerFree and frees it again, triggering ASan UAF. This vulnerability is fixed in 3.22.0...
CVE-2026-24680
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, sdlPointerNew frees data on failure, then pointerfree calls sdlPointerFree and frees it again, triggering ASan UAF. This vulnerability is fixed in 3.22.0...
Linux Distros Unpatched Vulnerability : CVE-2026-24680
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, sdlPointerNew frees data on failure, then pointerfree calls sdlPointerFree and...