Astra Linux - уязвимость в freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol. Clients that use versions of FreeRDP before 3.5.0 or 2.11.6 are vulnerable to integer overflows and out-of-bounds writes. Versions 3.5.0 and 2.11.6 address this issue. As a workaround, do not use /gfx options for example, deactivate...

Linux Distros Unpatched Vulnerability : CVE-2026-23884

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, offscreen bitmap deletion leaves gdi-drawing pointing to freed memory,...

SUSE CVE-2020-11040

In FreeRDP less than or equal to 2.0.0, there is an out-of-bound data read from memory in cleardecompresssubcoderlex, visualized on screen as color. This has been patched in 2.1.0...

PT-2022-5609 · Freerdp +10 · Freerdp +10

Name of the Vulnerable Software and Affected Versions: FreeRDP versions prior to 2.9.0 Description: The issue is related to a missing range check for input offset index in the ZGFX decoder of FreeRDP, allowing a malicious server to trick a FreeRDP-based client into reading out of bound data and...

DEBIAN-CVE-2020-11526

libfreerdp/core/update.c in FreeRDP versions 1.1 through 2.0.0-rc4 has an Out-of-bounds Read...

PT-2020-6920 · Freerdp +6 · Freerdp +6

Name of the Vulnerable Software and Affected Versions: FreeRDP versions 1.1 through 1.9 Description: The issue is related to an out-of-bounds read in the autodetect recv bandwidth measure results function. A malicious server can extract up to 8 bytes of client memory with a manipulated message by...

PT-2020-12510 · Freerdp +6 · Freerdp +6

Name of the Vulnerable Software and Affected Versions: FreeRDP versions 1.1 through 1.9 Description: The issue involves an out-of-bound read of client memory that is then passed on to the protocol parser. This has been patched in version 2.0.0. Recommendations: For versions 1.1 through 1.9, updat...