SUSE-SU-2026:1640-1 Security update for freerdp2

This update for freerdp2 fixes the following issues: - CVE-2026-25941: Out-of-Bounds Read in client RDPGFX channel via crafted WIRETOSURFACE2 PDU bsc1258919. - CVE-2026-25942: Global-buffer-overflow in xfrailserverexecuteresult bsc1258920. - CVE-2026-25952: Heap-use-after-free in...

SUSE SLES15 Security Update : freerdp (SUSE-SU-2026:1634-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1634-1 advisory. - CVE-2026-25941: Out-of-Bounds Read in client RDPGFX channel via crafted WIRETOSURFACE2 PDU bsc1258919. - CVE-2026-25942: Global-buffer-overfl...

OPENSUSE-SU-2026:20632-1 Security update for freerdp2

This update for freerdp2 fixes the following issues: Changes in freerdp2: - Update freerdp-3-macro: + Add WINPRATTRMALLOC macro from freerdp 3 - Security fixes for the following issues: CVE-2026-25941: Fixed a out of bounds read bsc1258919 CVE-2026-25942: Fixed a buffer overflow in...

Security update for freerdp

This update for freerdp fixes the following issues: CVE-2026-25941: Out-of-Bounds Read in client RDPGFX channel via crafted WIRETOSURFACE2 PDU bsc1258919. CVE-2026-25942: Global-buffer-overflow in xfrailserverexecuteresult bsc1258920. CVE-2026-25952: Heap-use-after-free in xfSetWindowMinMaxInfo...

Security update for freerdp

This update for freerdp fixes the following issues: CVE-2026-25941: Out-of-Bounds Read in client RDPGFX channel via crafted WIRETOSURFACE2 PDU bsc1258919. CVE-2026-25942: Global-buffer-overflow in xfrailserverexecuteresult bsc1258920. CVE-2026-25952: Heap-use-after-free in xfSetWindowMinMaxInfo...

SUSE-SU-2026:1633-1 Security update for freerdp

This update for freerdp fixes the following issues: - CVE-2026-25941: Out-of-Bounds Read in client RDPGFX channel via crafted WIRETOSURFACE2 PDU bsc1258919. - CVE-2026-25942: Global-buffer-overflow in xfrailserverexecuteresult bsc1258920. - CVE-2026-25952: Heap-use-after-free in...

Security update for freerdp

This update for freerdp fixes the following issues: CVE-2026-25941: Out-of-Bounds Read in client RDPGFX channel via crafted WIRETOSURFACE2 PDU bsc1258919. CVE-2026-25942: Global-buffer-overflow in xfrailserverexecuteresult bsc1258920. CVE-2026-25952: Heap-use-after-free in xfSetWindowMinMaxInfo...

SUSE-SU-2026:1632-1 Security update for freerdp

This update for freerdp fixes the following issues: - CVE-2026-25941: Out-of-Bounds Read in client RDPGFX channel via crafted WIRETOSURFACE2 PDU bsc1258919. - CVE-2026-25942: Global-buffer-overflow in xfrailserverexecuteresult bsc1258920. - CVE-2026-25952: Heap-use-after-free in...

CVE-2026-25997

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfclipboardformatequal reads freed lastSentFormats memory because xfclipboardformatsfree called from the cliprdr channel thread during auto-reconnect frees the array while the X11 event thread concurrently...

CVE-2026-25997

CVE-2026-25997 affects FreeRDP prior to 3.23.0. The issue is a heap use-after-free in the clipboard path: the function xf_clipboard_format_equal reads freed lastSentFormats because xf_clipboard_formats_free frees the array while the X11 event thread concurrently iterates it in xf_clipboard_change...

FreeRDP 安全漏洞

FreeRDP is an open-source RDP protocol implementation developed by the FreeRDP team. Versions of FreeRDP prior to 3.23.0 contained security vulnerabilities. These vulnerabilities stemmed from the xfclipboardformatequal function, which allowed reusing of freed memory after it was released...

EUVD-2020-3447

Malware in sbrugna...

Out-of-bounds

In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdrreadformatlist. Clipboard format data read by client or server might read data out-of-bounds. This has been fixed in 2.1.0...

CVE-2020-11085

CVE-2020-11085 affects FreeRDP: before version 2.1.0 there is an out-of-bounds read in cliprdr_read_format_list (clipboard format data). This could read memory beyond bounds when processing clipboard formats. The issue has been fixed in FreeRDP 2.1.0. Affected advisories from multiple vendors cor...

CVE-2020-11085

In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdrreadformatlist. Clipboard format data read by client or server might read data out-of-bounds. This has been fixed in 2.1.0...

CVE-2012-1866

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle user-mode input passed to kernel mode for driver objects, which allows local users to...

Design/Logic Flaw

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle user-mode input passed to kernel mode for driver objects, which allows local users to...