- What: Multiple vulnerabilities were discovered in FreeRDP related to memory handling and buffer overflows.
- Impact: An attacker could cause a denial of service or potentially execute arbitrary code.
- Affected: FreeRDP3 in Ubuntu 24.04 LTS and Ubuntu 25.10 is affected by CVE-2026-24491.
- CVE: CVE-2026-23948, CVE-2026-24491, CVE-2026-24675, CVE-2026-24679, CVE-2026-24682

It was discovered that FreeRDP incorrectly handled memory under certain circumstances, which could lead to a NULL pointer dereference. An attacker could possibly use this issue to cause a denial of service. (CVE-2026-23948)

It was discovered that FreeRDP did not correctly validate the size of certain variables, which could cause a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected FreeRDP3 in Ubuntu 24.04 LTS and Ubuntu 25.10. (CVE-2026-24491)

It was discovered that FreeRDP did not correctly validate the size of certain variables, which could cause a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2026-24675, CVE-2026-24679, CVE-2026-24682)

It was discovered that FreeRDP had a use after free vulnerability under certain circumstances. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2026-24676, CVE-2026-24681)

It was discovered that FreeRDP did not correctly validate the size of certain variables, which could cause a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 25.10. (CVE-2026-24677)

It was discovered that FreeRDP had a use after free vulnerability under certain circumstances. An attacker could use this to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 25.10. (CVE-2026-24678)

It was discovered that FreeRDP had a use after free vulnerability under certain circumstances. An attacker could use this to cause a denial of service or possibly execute arbitrary code. This issue only affected FreeRDP3 in Ubuntu 24.04 LTS and Ubuntu 25.10. (CVE-2026-24680)

It was discovered that FreeRDP had a use after free vulnerability under certain circumstances. An attacker could use this to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 25.10. (CVE-2026-24683, CVE-2026-24684)