{"affected":[{"ecosystem_specific":{"binaries":[{"freerdp":"3.10.3-150700.3.3.1","freerdp-devel":"3.10.3-150700.3.3.1","freerdp-proxy":"3.10.3-150700.3.3.1","freerdp-server":"3.10.3-150700.3.3.1","freerdp-wayland":"3.10.3-150700.3.3.1","libuwac0-0":"3.10.3-150700.3.3.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Package Hub 15 SP7","name":"freerdp","purl":"pkg:rpm/suse/freerdp&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.10.3-150700.3.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"freerdp":"3.10.3-150700.3.3.1","freerdp-devel":"3.10.3-150700.3.3.1","freerdp-proxy":"3.10.3-150700.3.3.1","freerdp-proxy-plugins":"3.10.3-150700.3.3.1","freerdp-sdl":"3.10.3-150700.3.3.1","freerdp-server":"3.10.3-150700.3.3.1","libfreerdp-server-proxy3-3":"3.10.3-150700.3.3.1","libfreerdp3-3":"3.10.3-150700.3.3.1","librdtk0-0":"3.10.3-150700.3.3.1","libwinpr3-3":"3.10.3-150700.3.3.1","winpr-devel":"3.10.3-150700.3.3.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Workstation Extension 15 SP7","name":"freerdp","purl":"pkg:rpm/suse/freerdp&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP7"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.10.3-150700.3.3.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for freerdp fixes the following issues:\n\n- CVE-2025-4478: Fixed initialization of function pointers after \n  resource allocations (bsc#1243109)\n- CVE-2026-22851: Fixed RDPGFX ResetGraphics race leading to \n  use-after-free in SDL client (sdl->primary) (bsc#1256717)\n- CVE-2026-22852: Fixed heap-buffer-overflow in audin_process_formats \n  (bsc#1256718)\n- CVE-2026-22853: Fixed heap-buffer-overflow in ndr_read_uint8Array \n  (bsc#1256719)\n- CVE-2026-22854: Fixed heap-buffer-overflow in drive_process_irp_read \n  (bsc#1256720)\n- CVE-2026-22855: Fixed heap-buffer-overflow in smartcard_unpack_set_attrib_call \n  (bsc#1256721)\n- 
CVE-2026-22856: Fixed heap-use-after-free in create_irp_thread (bsc#1256722)\n- CVE-2026-22857: Fixed heap-use-after-free in irp_thread_func (bsc#1256723)\n- CVE-2026-22858: Fixed global-buffer-overflow in crypto_base64_decode \n  (bsc#1256724)\n- CVE-2026-22859: Fixed heap-buffer-overflow in urb_select_configuration \n  (bsc#1256725)\n- CVE-2026-23530: Fixed improper validation leading to heap buffer overflow \n  in `planar_decompress_plane_rle` (bsc#1256940)\n- CVE-2026-23531: Fixed improper validation in `clear_decompress` leading to \n  heap buffer overflow (bsc#1256941)\n- CVE-2026-23532: Fixed mismatch between destination rectangle clamping and \n  the actual copy size leading to heap buffer overflow in \n  `gdi_SurfaceToSurface` (bsc#1256942)\n- CVE-2026-23533: Fixed improper validation leading to heap buffer overflow in \n  `clear_decompress_residual_data` (bsc#1256943)\n- CVE-2026-23534: Fixed missing checks leading to heap buffer overflow in \n  `clear_decompress_bands_data` (bsc#1256944)\n- CVE-2026-23732: Fixed improper validation leading to heap buffer overflow in \n  `Glyph_alloc` (bsc#1256945)\n- CVE-2026-23883: Fixed use-after-free when `update_pointer_color` and \n  `freerdp_image_copy_fromPointer_data` fail (bsc#1256946)\n- CVE-2026-23884: Fixed use-after-free in `gdi_set_bounds` 
(bsc#1256947)\n","id":"SUSE-SU-2026:0345-1","modified":"2026-01-30T07:18:43Z","published":"2026-01-30T07:18:43Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2026/suse-su-20260345-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1243109"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256717"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256718"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256719"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256720"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256721"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256722"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256723"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256724"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256725"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256940"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256941"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256942"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256943"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256944"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256945"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256946"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256947"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-4478"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-22851"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-22852"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-22853"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-22854"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-22855"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-22856"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-22857"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-22858"},{"type":"WEB","url":"https://www.suse.com/se
curity/cve/CVE-2026-22859"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-23530"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-23531"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-23532"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-23533"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-23534"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-23732"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-23883"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-23884"}],"related":["CVE-2025-4478","CVE-2026-22851","CVE-2026-22852","CVE-2026-22853","CVE-2026-22854","CVE-2026-22855","CVE-2026-22856","CVE-2026-22857","CVE-2026-22858","CVE-2026-22859","CVE-2026-23530","CVE-2026-23531","CVE-2026-23532","CVE-2026-23533","CVE-2026-23534","CVE-2026-23732","CVE-2026-23883","CVE-2026-23884"],"summary":"Security update for freerdp","upstream":["CVE-2025-4478","CVE-2026-22851","CVE-2026-22852","CVE-2026-22853","CVE-2026-22854","CVE-2026-22855","CVE-2026-22856","CVE-2026-22857","CVE-2026-22858","CVE-2026-22859","CVE-2026-23530","CVE-2026-23531","CVE-2026-23532","CVE-2026-23533","CVE-2026-23534","CVE-2026-23732","CVE-2026-23883","CVE-2026-23884"]}