Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora 42 FreeRDP Update 3.21.0 Addresses Serious Heap Buffer Overflow

fedora
Calendar Grey January 28, 2026
Dist Fedora Esm H88
Update for Fedora 42 enhances FreeRDP to fix denial of service and code execution issues via heap buffer overflows.
Update to 3.21.0

Summary

The xfreerdp & wlfreerdp Remote Desktop Protocol (RDP) clients from the FreeRDP

project.

xfreerdp & wlfreerdp can connect to RDP servers such as Microsoft Windows

machines, xrdp and VirtualBox.

Update Information:

Update to 3.21.0

Topics%20covered

Topics Covered

security advisory denial of service fedora arbitrary code execution heap buffer overflow freerdp

Change Log

* Tue Jan 20 2026 Ondrej Holy - 2:3.21.0-1 - Update to 3.21.0 (CVE-2026-23530, CVE-2026-23531, CVE-2026-23532, CVE-2026-23533, CVE-2026-23534, CVE-2026-23732, CVE-2026-23883, CVE-2026-23884) Resolves: rhbz#2430928 * Fri Jan 16 2026 Fedora Release Engineering - 2:3.20.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild

References


[ 1 ] Bug #2430895 - CVE-2026-23532 freerdp: FreeRDP: Denial of Service and potential code execution via client-side heap buffer overflow [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2430895 [ 2 ] Bug #2430900 - CVE-2026-23534 freerdp: FreeRDP: Arbitrary code execution and denial of service via client-side heap buffer overflow [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2430900 [ 3 ] Bug #2430905 - CVE-2026-23531 freerdp: FreeRDP: Heap buffer overflow via crafted RDPGFX surface updates leads to denial of service and potential code execution. [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2430905 [ 4 ] Bug #2430911 - CVE-2026-23533 freerdp: FreeRDP: Heap buffer overflow leads to denial of service and potential code execution [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2430911 [ 5 ] Bug #2430916 - CVE-2026-23530 freerdp: FreeRDP: Heap buffer overflow leading to denial of service and potential...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-943caf40d9' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: freerdp
Product: Fedora 42
Version: 3.21.0
Release: 1.fc42
URL: http://www.freerdp.com/
Summary: Free implementation of the Remote Desktop Protocol (RDP)

Topics%20covered

Topics Covered

security advisory denial of service fedora arbitrary code execution heap buffer overflow freerdp

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here