VYPR

rpm package

opensuse/freerdp&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/freerdp&distro=openSUSE%20Tumbleweed

Vulnerabilities (80)

  • CVE-2026-24678Feb 9, 2026
    affected < 3.22.0-1.1fixed 3.22.0-1.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, A capture thread sends sample responses using a freed channel callback after a device channel close, leading to a use after free in ecam_channel_write. This vulnerability is fixed in 3.22.0.

  • CVE-2026-24677Feb 9, 2026
    affected < 3.22.0-1.1fixed 3.22.0-1.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, ecam_encoder_compress_h264 trusts server-controlled dimensions and does not validate the source buffer size, leading to an out-of-bounds read in sws_scale. This vulnerability is fixed in 3.22.0.

  • CVE-2026-24676Feb 9, 2026
    affected < 3.22.0-1.1fixed 3.22.0-1.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, AUDIN format renegotiation frees the active format list while the capture thread continues using audin->format, leading to a use after free in audio_format_compatible. This vulnerability is fixed in

  • CVE-2026-24675Feb 9, 2026
    affected < 3.22.0-1.1fixed 3.22.0-1.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, urb_select_interface can free the device's MS config on error but later code still dereferences it, leading to a use after free in libusb_udev_select_interface. This vulnerability is fixed in 3.22.0

  • CVE-2026-24491Feb 9, 2026
    affected < 3.22.0-1.1fixed 3.22.0-1.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, video_timer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. This vulnerability is fixed in 3.22.0.

  • CVE-2026-23948Feb 9, 2026
    affected < 3.22.0-1.1fixed 3.22.0-1.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, a NULL pointer dereference vulnerability in rdp_write_logon_info_v2() allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserNam

  • CVE-2026-23884Jan 19, 2026
    affected < 3.21.0-1.1fixed 3.21.0-1.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, offscreen bitmap deletion leaves `gdi->drawing` pointing to freed memory, causing UAF when related update packets arrive. A malicious server can trigger a client‑side use after free, causing

  • CVE-2026-23883Jan 19, 2026
    affected < 3.21.0-1.1fixed 3.21.0-1.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, `xf_Pointer_New` frees `cursorPixels` on failure, then `pointer_free` calls `xf_Pointer_Free` and frees it again, triggering ASan UAF. A malicious server can trigger a client‑side use after

  • CVE-2026-23732Jan 19, 2026
    affected < 3.21.0-1.1fixed 3.21.0-1.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, FastGlyph parsing trusts `cbData`/remaining length and never validates against the minimum size implied by `cx/cy`. A malicious server can trigger a client‑side global buffer overflow, causi

  • CVE-2026-23534Jan 19, 2026
    affected < 3.21.0-1.1fixed 3.21.0-1.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the ClearCodec bands decode path when crafted band coordinates allow writes past the end of the destination surface buffer. A malicious server ca

  • CVE-2026-23533Jan 19, 2026
    affected < 3.21.0-1.1fixed 3.21.0-1.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the RDPGFX ClearCodec decode path when maliciously crafted residual data causes out-of-bounds writes during color output. A malicious server can

  • CVE-2026-23532Jan 19, 2026
    affected < 3.21.0-1.1fixed 3.21.0-1.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the FreeRDP client’s `gdi_SurfaceToSurface` path due to a mismatch between destination rectangle clamping and the actual copy size. A malicious

  • CVE-2026-23531Jan 19, 2026
    affected < 3.21.0-1.1fixed 3.21.0-1.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, in ClearCodec, when `glyphData` is present, `clear_decompress` calls `freerdp_image_copy_no_overlap` without validating the destination rectangle, allowing an out-of-bounds read/write via cr

  • CVE-2026-23530Jan 19, 2026
    affected < 3.21.0-1.1fixed 3.21.0-1.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0,`freerdp_bitmap_decompress_planar` does not validate `nSrcWidth`/`nSrcHeight` against `planar->maxWidth`/`maxHeight` before RLE decode. A malicious server can trigger a client‑side heap buffe

  • CVE-2026-22859Jan 14, 2026
    affected < 3.20.2-1.1fixed 3.20.2-1.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server‑supplied MSUSB_INTERFACE_DESCRIPTOR values and uses them as indices in libusb_udev_complete_msconfig_setup, causing an out‑of‑bounds read

  • CVE-2026-22858Jan 14, 2026
    affected < 3.20.2-1.1fixed 3.20.2-1.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned,

  • CVE-2026-22857Jan 14, 2026
    affected < 3.20.2-1.1fixed 3.20.2-1.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap use-after-free occurs in irp_thread_func because the IRP is freed by irp->Complete() and then accessed again on the error path. This vulnerability is fixed in 3.20.1.

  • CVE-2026-22856Jan 14, 2026
    affected < 3.20.2-1.1fixed 3.20.2-1.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race in the serial channel IRP thread tracking allows a heap use‑after‑free when one thread removes an entry from serial->IrpThreads while another reads it. This vulnerability is fixed in 3.20.1.

  • CVE-2026-22855Jan 14, 2026
    affected < 3.20.2-1.1fixed 3.20.2-1.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap out-of-bounds read occurs in the smartcard SetAttrib path when cbAttrLen does not match the actual NDR buffer length. This vulnerability is fixed in 3.20.1.

  • CVE-2026-22854Jan 14, 2026
    affected < 3.20.2-1.1fixed 3.20.2-1.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to