3 matches found
CVE-2026-56297
FreeRDP before 3.22.0 contains a use-after-free vulnerability in dvcmanchannelclose and dvcmancallonreceive due to improper synchronization of channelcallback access. A malicious RDP server can trigger a race condition by sending DYNVCDATA and DYNVCCLOSE messages concurrently, causing...
CVE-2026-56297
FreeRDP
The vulnerability of the xrdp_mm_trans_process_drdynvc_channel_open function on the XRDP server allows a hacker to gain access to a remote machine.
The vulnerability of the xrdpmmtransprocessdrdynvcchannelopen function in the XRDP server is related to the ability to write data beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to gain access to the remote machine...