CVE-2026-24678
EUVD-2026-648509.02.2026, 19:15
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, A capture thread sends sample responses using a freed channel callback after a device channel close, leading to a use after free in ecam_channel_write. This vulnerability is fixed in 3.22.0.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| freerdp | freerdp | 𝑥 < 3.22.0 |
𝑥
= Vulnerable software versions
Debian Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| freerdp |
| ||||||||
| freerdp-devel |
| ||||||||
| freerdp-proxy |
| ||||||||
| freerdp-proxy-plugins |
| ||||||||
| freerdp-sdl |
| ||||||||
| freerdp-server |
| ||||||||
| libfreerdp-server-proxy3-3 |
| ||||||||
| libfreerdp3-3 |
| ||||||||
| librdtk0-0 |
| ||||||||
| libwinpr3-3 |
| ||||||||
| winpr-devel |
|
Common Weakness Enumeration