Lucene search

13 matches found

SUSE Linux
added 2026/03/03 12:41 p.m., 3 views

Security update for freerdp

This update for freerdp fixes the following issues: CVE-2026-22855: heap-buffer-overflow in smartcard_unpack_set_attrib_call bsc1256721. CVE-2026-22857: heap-use-after-free in irp_thread_func bsc1256723. CVE-2026-23533: improper validation can lead to heap buffer overflow in clear_decompress_residual_data...

CVSS 7.7, AI score 6.1, EPSS 0.00251
Exploits: 5, References: 44
OSV
added 2026/02/26 3:6 p.m., 1 views

SUSE-SU-2026:0656-1 Security update for freerdp

This update for freerdp fixes the following issues: - CVE-2026-22855: heap-buffer-overflow in smartcard_unpack_set_attrib_call bsc1256721. - CVE-2026-22857: heap-use-after-free in irp_thread_func bsc1256723. - CVE-2026-23533: improper validation can lead to heap buffer overflow in...

CVSS 9.8, AI score 6, EPSS 0.00251
Exploits: 6, References: 13
SUSE Linux
added 2026/02/16 11:43 a.m., 3 views

Security update for freerdp

This update for freerdp fixes the following issues: CVE-2026-22852: a malicious RDP server can trigger a heap-buffer-overflow in audin_process_formats bsc1256718. CVE-2026-22854: server-controlled read length is used to read file data into an IRP output can cause heap-buffer-overflow in...

CVSS 7.7, AI score 5.7, EPSS 0.00197
Exploits: 8, References: 32
OSV
added 2026/02/16 11:43 a.m., 1 views

SUSE-SU-2026:0559-1 Security update for freerdp

This update for freerdp fixes the following issues: - CVE-2026-22852: a malicious RDP server can trigger a heap-buffer-overflow in audin_process_formats bsc1256718. - CVE-2026-22854: server-controlled read length is used to read file data into an IRP output can cause heap-buffer-overflow in...

CVSS 9.8, AI score 6.1, EPSS 0.00197
Exploits: 8, References: 17
OSV
added 2026/02/11 2:53 p.m., 1 views

SUSE-SU-2026:0449-1 Security update for freerdp2

This update for freerdp2 fixes the following issues: - CVE-2026-22852: a malicious RDP server can trigger a heap-buffer-overflow in audin_process_formats bsc1256718. - CVE-2026-22854: server-controlled read length is used to read file data into an IRP output can cause heap-buffer-overflow in...

CVSS 9.8, AI score 5.8, EPSS 0.00197
Exploits: 8, References: 17
OSV
added 2026/02/10 3:28 p.m., 0 views

SUSE-SU-2026:0421-1 Security update for freerdp

This update for freerdp fixes the following issues: - CVE-2026-22852: a malicious RDP server can trigger a heap-buffer-overflow in audin_process_formats bsc1256718. - CVE-2026-22854: server-controlled read length is used to read file data into an IRP output can cause heap-buffer-overflow in...

CVSS 9.8, AI score 5.8, EPSS 0.00197
Exploits: 8, References: 17
OSV
added 2026/01/19 5:9 p.m., 1 views

CVE-2026-23534 FreeRDP has heap-buffer-overflow in clear_decompress_bands_data

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the ClearCodec bands decode path when crafted band coordinates allow writes past the end of the destination surface buffer. A malicious server can trigger a...

CVSS 8.7, AI score 6.2, EPSS 0.00197
Exploits: 1, References: 6
Vulnrichment
added 2026/01/19 5:1 p.m., 2 views

CVE-2026-23531 FreeRDP has heap-buffer-overflow in clear_decompress

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, in ClearCodec, when glyphData is present, clear_decompress calls freerdp_image_copy_no_overlap without validating the destination rectangle, allowing an out-of-bounds read/write via crafted RDPGFX surface updates...

CVSS 8.7, AI score 5.9, EPSS 0.00175
Exploits: 1, References: 3
RedHat Linux
added 2024/11/12 9:36 a.m., 1 views

freerdp: Integer overflow & OutOfBound Write in clear_decompress_residual_data

A flaw was found in FreeRDP-based clients. Affected versions of FreeRDP are vulnerable to an integer overflow and out-of-bounds write. This issue occurs when the sum of the runLengthFactor and pixelIndex values becomes large enough to overflow the uint32 type and bypass an error check when clearin...

CVSS 9.8, AI score 5.8, EPSS 0.00997
Exploits: 0, References: 5
CNVD
added 2023/09/05 12:0 a.m., 6 views

FreeRDP clear_decompress_bands_data function buffer overflow vulnerability

FreeRDP is an open source implementation of the Remote Desktop Protocol (RDP) from the FreeRDP team. FreeRDP suffers from a buffer overflow vulnerability that stems from the clear_decompress_bands_data function having no offset validation. An attacker could exploit this vulnerability to cause a denial...

CVSS 9.8, AI score 7.4, EPSS 0.0025
Exploits: 1, References: 1
OSV
added 2023/08/31 10:15 p.m., 2 views

DEBIAN-CVE-2023-40567

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the clear_decompress_bands_data function in which there is no offset validation. Abuse of this vulnerability may lead to an out of bounds...

CVSS 9.8, AI score 7.3, EPSS 0.0025
Exploits: 1, References: 1
OSV
added 2023/08/31 10:15 p.m., 1 views

UBUNTU-CVE-2023-40567

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the clear_decompress_bands_data function in which there is no offset validation. Abuse of this vulnerability may lead to an out of bounds...

CVSS 9.8, AI score 6.9, EPSS 0.0025
Exploits: 1, References: 6
SUSE CVE
added 2023/02/15 4:0 a.m., 1 views

SUSE CVE-2020-11040

In FreeRDP less than or equal to 2.0.0, there is an out-of-bound data read from memory in clear_decompress_subcode_rlex, visualized on screen as color. This has been patched in 2.1.0...

CVSS 2.2, AI score 6.9, EPSS 0.00117
Exploits: 0, References: 7