rpm package
opensuse/freerdp&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/freerdp&distro=openSUSE%20Tumbleweed
Vulnerabilities (80)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-22853 | — | | | < 3.20.2-1.1 | 3.20.2-1.1 | Jan 14, 2026 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, RDPEAR’s NDR array reader does not perform bounds checking on the on‑wire element count and can write past the heap buffer allocated from hints, causing a heap buffer overflow in ndr_read_uint8Array |
| CVE-2026-22852 | — | | | < 3.20.2-1.1 | 3.20.2-1.1 | Jan 14, 2026 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input (AUDIN) format lists. audin_process_formats reuses callback->formats_count across mu |
| CVE-2026-22851 | — | | | < 3.20.2-1.1 | 3.20.2-1.1 | Jan 14, 2026 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race condition between the RDPGFX dynamic virtual channel thread and the SDL render thread leads to a heap use-after-free. Specifically, an escaped pointer to sdl->primary (SDL_Surface) is accesse |
| CVE-2025-4478 | — | | | < 3.21.0-2.1 | 3.21.0-2.1 | May 16, 2025 | A flaw was found in the FreeRDP used by Anaconda's remote install feature, where a crafted RDP packet could trigger a segmentation fault. This issue causes the service to crash and remain defunct, resulting in a denial of service. It occurs pre-boot and is likely due to a NULL po |
| CVE-2024-32661 | — | | | < 3.21.0-2.1 | 3.21.0-2.1 | Apr 23, 2024 | FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to a possible `NULL` access and crash. Version 3.5.1 contains a patch for the issue. No known workarounds are available. |
| CVE-2024-32660 | — | | | < 3.21.0-2.1 | 3.21.0-2.1 | Apr 23, 2024 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.5.1, a malicious server can crash the FreeRDP client by sending invalid huge allocation size. Version 3.5.1 contains a patch for the issue. No known workarounds are available. |
| CVE-2024-32659 | — | | | < 3.21.0-2.1 | 3.21.0-2.1 | Apr 23, 2024 | FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read if `((nWidth == 0) and (nHeight == 0))`. Version 3.5.1 contains a patch for the issue. No known workarounds are available. |
| CVE-2024-32658 | — | | | < 3.21.0-2.1 | 3.21.0-2.1 | Apr 23, 2024 | FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read. Version 3.5.1 contains a patch for the issue. No known workarounds are available. |
| CVE-2024-32460 | — | | | < 3.5.1-1.1 | 3.5.1-1.1 | Apr 22, 2024 | FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using `/bpp:32` legacy `GDI` drawing path with a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workarou |
| CVE-2024-32459 | — | | | < 3.5.1-1.1 | 3.5.1-1.1 | Apr 22, 2024 | FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients and servers that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. No known workarounds are available. |
| CVE-2024-32458 | — | | | < 3.5.1-1.1 | 3.5.1-1.1 | Apr 22, 2024 | FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use `/gfx` or `/rfx` modes (on by defaul |
| CVE-2024-32041 | — | | | < 3.5.1-1.1 | 3.5.1-1.1 | Apr 22, 2024 | FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, deactivate `/gfx` (on by default, set `/ |
| CVE-2024-32040 | — | | | < 3.5.1-1.1 | 3.5.1-1.1 | Apr 22, 2024 | FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 and have connections to servers using the `NSC` codec are vulnerable to integer underflow. Versions 3.5.0 and 2.11.6 patch the issue. As a |
| CVE-2024-32039 | — | | | < 3.5.1-1.1 | 3.5.1-1.1 | Apr 22, 2024 | FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to integer overflow and out-of-bounds write. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use `/gfx` opt |
| CVE-2024-22211 | — | | | < 3.21.0-2.1 | 3.21.0-2.1 | Jan 19, 2024 | FreeRDP is a set of free and open source remote desktop protocol library and clients. In affected versions an integer overflow in `freerdp_bitmap_planar_context_reset` leads to heap-buffer overflow. This affects FreeRDP based clients. FreeRDP based server implementations and prox |
| CVE-2023-40574 | — | | | < 3.4.0-1.1 | 3.4.0-1.1 | Aug 31, 2023 | FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the `writePixelBGRX` function. This issue is likely down to incorrect calculations of the `nHeight` and `srcStep` v |
| CVE-2023-40576 | — | | | < 3.4.0-1.1 | 3.4.0-1.1 | Aug 31, 2023 | FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the `RleDecompress` function. This Out-Of-Bounds Read occurs because FreeRDP processes the `pbSrcBuffer` variable wi |
| CVE-2023-40575 | — | | | < 3.4.0-1.1 | 3.4.0-1.1 | Aug 31, 2023 | FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the `general_YUV444ToRGB_8u_P3AC4R_BGRX` function. This issue is likely down to insufficient data for the `pSrc` var |
| CVE-2014-0250 | — | | | < 2.0.0~git.1463131968.4e66df7-2.5 | 2.0.0~git.1463131968.4e66df7-2.5 | Nov 16, 2014 | Multiple integer overflows in client/X11/xf_graphics.c in FreeRDP allow remote attackers to have an unspecified impact via the width and height to the (1) xf_Pointer_New or (2) xf_Bitmap_Decompress function, which causes an incorrect amount of memory to be allocated. |
| CVE-2014-0791 | — | | | < 2.0.0~git.1463131968.4e66df7-2.5 | 2.0.0~git.1463131968.4e66df7-2.5 | Jan 3, 2014 | Integer overflow in the license_read_scope_list function in libfreerdp/core/license.c in FreeRDP through 1.0.2 allows remote RDP servers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ScopeCount value in a Scope List in a Se |