Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora 43: freerdp Critical Heap Buffer Overflow Advisory 2026-79f923d917

fedora
Calendar Grey January 16, 2026
Dist Fedora Esm H88
Freerdp update for Fedora 43 addresses critical heap overflow issues with improved security measures.
Update to 3.20.2

Summary

The xfreerdp & wlfreerdp Remote Desktop Protocol (RDP) clients from the FreeRDP

project.

xfreerdp & wlfreerdp can connect to RDP servers such as Microsoft Windows

machines, xrdp and VirtualBox.

Update Information:

Update to 3.20.2

Topics%20covered

Topics Covered

security advisory fedora critical remote desktop heap buffer overflow freerdp

Change Log

* Wed Jan 14 2026 Ondrej Holy - 2:3.20.2-1 - Update to 3.20.2 * Wed Jan 14 2026 Ondrej Holy - 2:3.20.1-1 - Update to 3.20.1 Resolves: rhbz#2423151

References


[ 1 ] Bug #2429784 - CVE-2026-22857 freerdp: FreeRDP heap-use-after-free [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2429784 [ 2 ] Bug #2429789 - CVE-2026-22859 freerdp: FreeRDP heap-buffer-overflow [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2429789 [ 3 ] Bug #2429797 - CVE-2026-22852 freerdp: FreeRDP heap-buffer-overflow [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2429797 [ 4 ] Bug #2429803 - CVE-2026-22854 freerdp: FreeRDP heap-buffer-overflow [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2429803 [ 5 ] Bug #2429806 - CVE-2026-22855 freerdp: FreeRDP heap-buffer-overflow [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2429806 [ 6 ] Bug #2429812 - CVE-2026-22853 freerdp: FreeRDP heap-buffer-overflow [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2429812 [ 7 ] Bug #2429816 - CVE-2026-22858 freerdp: FreeRDP global-buffer-overflow [fedora-43] ...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-79f923d917' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: freerdp
Product: Fedora 43
Version: 3.20.2
Release: 1.fc43
URL: http://www.freerdp.com/
Summary: Free implementation of the Remote Desktop Protocol (RDP)

Topics%20covered

Topics Covered

security advisory fedora critical remote desktop heap buffer overflow freerdp

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here