ROS-20260611-73-0016

The vulnerability of the cleardecompressbandsdata function in the RDP client FreeRDP is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause service failures...

SUSE-SU-2026:0559-1 Security update for freerdp

This update for freerdp fixes the following issues: - CVE-2026-22852: a malicious RDP server can trigger a heap-buffer-overflow in audinprocessformats bsc1256718. - CVE-2026-22854: server-controlled read length is used to read file data into an IRP output can cause heap-buffer-overflow in...

FreeRDP clear_decompress_bands_data function buffer overflow vulnerability

FreeRDP is an open source implementation of the Remote Desktop Protocol RDP from the FreeRDP team. FreeRDP suffers from a buffer overflow vulnerability that stems from the cleardecompressbandsdata function having no offset validation. An attacker could exploit this vulnerability to cause a denial...

DEBIAN-CVE-2023-40567

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the cleardecompressbandsdata function in which there is no offset validation. Abuse of this vulnerability may lead to an out of bounds...

UBUNTU-CVE-2023-40567

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the cleardecompressbandsdata function in which there is no offset validation. Abuse of this vulnerability may lead to an out of bounds...

PT-2023-4663 · Freerdp +8 · Freerdp +8

Name of the Vulnerable Software and Affected Versions: FreeRDP versions prior to 2.11.0 FreeRDP versions prior to 3.0.0-beta3 Description: The issue is related to an Out-Of-Bounds Write in the clear decompress bands data function due to a lack of offset validation. This can be exploited by a remo...