SUSE CVE-2026-33982

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, there is a heap-buffer-overflow READ vulnerability at 24 bytes before the allocation, in winpralignedoffsetrecalloc. This issue has been patched in version 3.24.2...

SUSE CVE-2026-33985

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, pixel data from adjacent heap memory is rendered to screen, potentially leaking sensitive data to the attacker. This issue has been patched in version 3.24.2...

SUSE CVE-2026-33986

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in yuvensurebuffer in libfreerdp/codec/h264.c, h264-width and h264-height are updated before the reallocation loop. If any winpralignedrecalloc call fails, the function returns FALSE but width/height are...

UBUNTU-CVE-2026-33987

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in persistentcachereadentryv3 in libfreerdp/cache/persistent.c, persistent-bmpSize is updated before winpralignedrecalloc. If realloc fails, bmpSize is inflated while bmpData points to the old buffer. This...

EUVD-2026-17237

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a double-free vulnerability in kerberosAcceptSecurityContext and kerberosInitializeSecurityContextA WinPR, winpr/libwinpr/sspi/Kerberos/kerberos.c can cause a crash in any FreeRDP clients on systems where...

CVE-2026-33986

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in yuvensurebuffer in libfreerdp/codec/h264.c, h264-width and h264-height are updated before the reallocation loop. If any winpralignedrecalloc call fails, the function returns FALSE but width/height are...

CVE-2026-33986 FreeRDP: H.264 YUV Buffer Dimension Desync - Heap OOB Write

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in yuvensurebuffer in libfreerdp/codec/h264.c, h264-width and h264-height are updated before the reallocation loop. If any winpralignedrecalloc call fails, the function returns FALSE but width/height are...

CVE-2026-33986

Vulnerability CVE-2026-33986 affects FreeRDP prior to 3.24.2. In yuv_ensure_buffer() (libfreerdp/codec/h264.c), h264->width and h264->height are inflated before the reallocation loop; if winpr_aligned_recalloc() fails, the function returns FALSE but width/height remain inflated. This is res...

CVE-2026-33984 FreeRDP: ClearCodec resize_vbar_entry() Heap OOB Write

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in resizevbarentry in libfreerdp/codec/clear.c, vBarEntry-size is updated to vBarEntry-count before the winpralignedrecalloc call. If realloc fails, size is inflated while pixels still points to the old,...

CVE-2026-33977

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a malicious RDP server can crash the FreeRDP client by sending audio data in IMA ADPCM format with an invalid initial step index value = 89. The unvalidated step index is read directly from the network and...

PT-2026-29137

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.24.2 Description FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a heap buffer overflow exists in the resize vbar entry function located in libfreerdp/codec/clear.c...

PT-2026-29136

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.24.2 Description FreeRDP is a free implementation of the Remote Desktop Protocol. The progressive decompress tile upgrade function detects a mismatch through progressive rfx quant cmp equal but only emits a warning,...