CVE-2026-25955
EUVD-2026-873525.02.2026, 21:16
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_AppUpdateWindowFromSurface` reuses a cached `XImage` whose `data` pointer references a freed RDPGFX surface buffer, because `gdi_DeleteSurface` frees `surface->data` without invalidating the `appWindow->image` that aliases it. Version 3.23.0 fixes the issue.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| freerdp | freerdp | 𝑥 < 3.23.0 |
𝑥
= Vulnerable software versions
Debian Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| freerdp |
| ||||||||
| freerdp-devel |
| ||||||||
| freerdp-proxy |
| ||||||||
| freerdp-proxy-plugins |
| ||||||||
| freerdp-sdl |
| ||||||||
| freerdp-server |
| ||||||||
| libfreerdp-server-proxy3-3 |
| ||||||||
| libfreerdp3-3 |
| ||||||||
| librdtk0-0 |
| ||||||||
| libwinpr3-3 |
| ||||||||
| winpr-devel |
|
Common Weakness Enumeration
References