CVE-2026-22851
EUVD-2026-267714.01.2026, 18:16
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race condition between the RDPGFX dynamic virtual channel thread and the SDL render thread leads to a heap use-after-free. Specifically, an escaped pointer to sdl->primary (SDL_Surface) is accessed after it has been freed during RDPGFX ResetGraphics handling. This vulnerability is fixed in 3.20.1.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| freerdp | freerdp | 𝑥 < 3.20.1 |
𝑥
= Vulnerable software versions
Debian Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| freerdp |
| ||||||||
| freerdp-devel |
| ||||||||
| freerdp-proxy |
| ||||||||
| freerdp-proxy-plugins |
| ||||||||
| freerdp-sdl |
| ||||||||
| freerdp-server |
| ||||||||
| libfreerdp-server-proxy3-3 |
| ||||||||
| libfreerdp3-3 |
| ||||||||
| librdtk0-0 |
| ||||||||
| libwinpr3-3 |
| ||||||||
| winpr-devel |
|