13 matches found
Astra Linux - уязвимость в freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, railwindowfree dereferences a freed xfAppWindow pointer during HashTableFree cleanup because xfrailwindowcommon calls freeappWindow on title allocation failure without first removing the entry from the...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: freerdp (UTSA-2026-007173)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007173 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, railwindowfree dereferences a freed xfAppWindow pointer during HashTableFre...
CVE-2026-26986
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, railwindowfree dereferences a freed xfAppWindow pointer during HashTableFree cleanup because xfrailwindowcommon calls freeappWindow on title allocation failure without first removing the entry from the...
CVE-2026-25953
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfAppUpdateWindowFromSurface reads from a freed xfAppWindow because the RDPGFX DVC thread obtains a bare pointer via xfrailgetwindow without any lifetime protection, while the main thread can concurrently...
CVE-2026-25953
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfAppUpdateWindowFromSurface reads from a freed xfAppWindow because the RDPGFX DVC thread obtains a bare pointer via xfrailgetwindow without any lifetime protection, while the main thread can concurrently...
CVE-2026-26986
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, railwindowfree dereferences a freed xfAppWindow pointer during HashTableFree cleanup because xfrailwindowcommon calls freeappWindow on title allocation failure without first removing the entry from the...
CVE-2026-26986 FreeRDP has heap-use-after-free in rail_window_free
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, railwindowfree dereferences a freed xfAppWindow pointer during HashTableFree cleanup because xfrailwindowcommon calls freeappWindow on title allocation failure without first removing the entry from the...
EUVD-2026-8734
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfrailserverlocalmovesize dereferences a freed xfAppWindow pointer because xfrailgetwindow returns an unprotected pointer from the railWindows hash table, and the main thread can concurrently delete the wind...
CVE-2026-25953
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfAppUpdateWindowFromSurface reads from a freed xfAppWindow because the RDPGFX DVC thread obtains a bare pointer via xfrailgetwindow without any lifetime protection, while the main thread can concurrently...
CVE-2026-25952
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfSetWindowMinMaxInfo dereferences a freed xfAppWindow pointer because xfrailgetwindow in xfrailserverminmaxinfo returns an unprotected pointer from the railWindows hash table, and the main thread can...
FreeRDP 安全漏洞
FreeRDP is an open-source RDP protocol implementation developed by the FreeRDP team. Versions of FreeRDP prior to 3.23.0 contained security vulnerabilities. These vulnerabilities stemmed from the use of xfrailserverlocalmovesize, which unreferenced and released the xfAppWindow pointer, potentiall...
FreeRDP 安全漏洞
FreeRDP is an open-source RDP protocol implementation developed by the FreeRDP team. Versions of FreeRDP prior to 3.23.0 contained security vulnerabilities. These vulnerabilities stemmed from the use of xfSetWindowMinMaxInfo, which reclaimed freed xfAppWindow pointers, potentially leading to reus...
PT-2026-22011
Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.23.0 Description FreeRDP is a free implementation of the Remote Desktop Protocol. A flaw exists in the RAIL channel window management where the xf rail server local move size function dereferences a freed xfAppWindo...