freerdp: FreeRDP heap-buffer-overflow

A heap based buffer overflow flaw has been discovered in FreeRDP. In affected versions RDPEAR’s NDR array reader does not perform bounds checking on the on‑wire element count and can write past the heap buffer allocated from hints, causing a heap buffer overflow in ndrreaduint8Array...

UBUNTU-CVE-2026-22853

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, RDPEAR’s NDR array reader does not perform bounds checking on the on‑wire element count and can write past the heap buffer allocated from hints, causing a heap buffer overflow in ndrreaduint8Array. This vulnerabilit...

CVE-2026-22853 FreeRDP has a heap-buffer-overflow in ndr_read_uint8Array

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, RDPEAR’s NDR array reader does not perform bounds checking on the on‑wire element count and can write past the heap buffer allocated from hints, causing a heap buffer overflow in ndrreaduint8Array. This vulnerabilit...

CVE-2026-22853

Freerdp before 3.20.1 contains a bounds-check vulnerability in RDPEAR's NDR array reader that can write past a heap buffer, causing a heap-buffer-overflow in ndr_read_uint8Array. The issue is fixed in 3.20.1; multiple advisories (SUSE/OpenSUSE, Fedora) indicate updates to 3.20.2 or newer as the r...