Updated freerdp packages fix security vulnerabilities
Publication date: 22 Feb 2026Modification date: 22 Feb 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2026-23530 , CVE-2026-23531 , CVE-2026-23532 , CVE-2026-23533 , CVE-2026-23534 , CVE-2026-23948 , CVE-2026-24491 , CVE-2026-24675 , CVE-2026-24676 , CVE-2026-24677 , CVE-2026-24678 , CVE-2026-24679 , CVE-2026-24680 , CVE-2026-24681 , CVE-2026-24682 , CVE-2026-24683 , CVE-2026-24684
Description
FreeRDP has heap-buffer-overflow in planar_decompress_plane_rle.
(CVE-2026-23530)
FreeRDP has heap-buffer-overflow in clear_decompress. (CVE-2026-23531)
FreeRDP has heap-buffer-overflow in gdi_SurfaceToSurface.
(CVE-2026-23532)
FreeRDP has heap-buffer-overflow in clear_decompress_residual_data.
(CVE-2026-23533)
FreeRDP has heap-buffer-overflow in clear_decompress_bands_data.
(CVE-2026-23534)
FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2().
(CVE-2026-23948)
FreeRDP has a heap-use-after-free in video_timer. (CVE-2026-24491)
FreeRDP has a Heap-use-after-free in urb_select_interface.
(CVE-2026-24675)
FreeRDP has a heap-use-after-free in audio_format_compatible.
(CVE-2026-24676)
FreeRDP has a heap-buffer-overflow in ecam_encoder_compress_h264.
(CVE-2026-24677)
FreeRDP has a Heap-use-after-free in cam_v4l_stream_capture_thread.
(CVE-2026-24678)
FreeRDP has a heap-buffer-overflow in urb_select_interface.
(CVE-2026-24679)
FreeRDP has a heap-use-after-free in update_pointer_new(SDL).
(CVE-2026-24680)
FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb.
(CVE-2026-24681)
FreeRDP has a Heap-buffer-overflow in audio_formats_free.
(CVE-2026-24682)
FreeRDP has a heap-use-after-free in ainput_send_input_event.
(CVE-2026-24683)
FreeRDP has a Heap-use-after-free in play_thread. (CVE-2026-24684)
References
- https://bugs.mageia.org/show_bug.cgi?id=35038
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/3PECP75D65BGMOXX4VA6VFZW5A365UOB/
- https://www.openwall.com/lists/oss-security/2026/02/09/8
- https://www.openwall.com/lists/oss-security/2026/02/10/1
- https://ubuntu.com/security/notices/USN-8004-1
- https://ubuntu.com/security/notices/USN-8042-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23530
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23531
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23532
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23533
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23534
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23948
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24491
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24675
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24676
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24677
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24678
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24679
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24680
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24681
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24682
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24683
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24684
SRPMS
9/core
- freerdp-2.11.7-1.2.mga9