3 matches found
SUSE CVE-2026-22858
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = ...
CVE-2026-22859 FreeRDP has a heap-buffer-overflow in urb_select_configuration
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server‑supplied MSUSBINTERFACEDESCRIPTOR values and uses them as indices in libusbudevcompletemsconfigsetup, causing an out‑of‑bounds read. This vulnerability is...
CVE-2026-22857 FreeRDP has a heap-use-after-free in irp_thread_func
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap use-after-free occurs in irpthreadfunc because the IRP is freed by irp-Complete and then accessed again on the error path. This vulnerability is fixed in 3.20.1...