Mageia 9 freerdp Advisory MGASA-2026-0086 Heap Overflow Security Issues
mageia
April 6, 2026
MGASA-2026-0086 - Updated freerdp packages fix security vulnerabilities
Summary
Description: FreeRDP has a heap-buffer-overflow in audin_process_formats. (CVE-2026-22852) FreeRDP has a heap-buffer-overflow in drive_process_irp_read. (CVE-2026-22854) FreeRDP has a heap-buffer-overflow in smartcard_unpack_set_attrib_call. (CVE-2026-22855) FreeRDP has a heap-use-after-free in create_irp_thread. (CVE-2026-22856) FreeRDP has a heap-use-after-free in irp_thread_func. (CVE-2026-22857) FreeRDP has a heap-buffer-overflow in urb_select_configuration. (CVE-2026-22859) FreeRDP has heap-buffer-overflow in Glyph_Alloc. (CVE-2026-23732) Heap-use-after-free in update_pointer_new. (CVE-2026-23883) Heap-use-after-free in gdi_set_bounds. (CVE-2026-23884) FreeRDP has a heap-use-after-free in video_timer. (CVE-2026-24491) Buffer Overread in FreeRDP Icon Processing. (CVE-2026-26271) FreeRDP has Out-of-bounds Write. (CVE-2026-26955, CVE-2026-26965) FreeRDP has a Heap Buffer Overflow in nsc_process_message() via Unchecked SURFACE_BITS_COMMAND Bitmap Dimensions. (CVE-2026-31806) FreeRD...
References
- https://bugs.mageia.org/show_bug.cgi?id=35141
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/F2VLQU7USVAQ733RYB7II6KGZB3FG2KW/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HAYMD62GFPCFHGN6JPLMCVJHP3SKINMW/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J3QGQZQS6664TXPPYGBP7673W2JAXG4K/
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/34ABPSLQFVRGFKDSR5ZEDKG5UH6KIBCA/
- https://www.cve.org/CVERecord?id=CVE-2026-22852
- https://www.cve.org/CVERecord?id=CVE-2026-22854
- https://www.cve.org/CVERecord?id=CVE-2026-22855
- https://www.cve.org/CVERecord?id=CVE-2026-22856
- https://www.cve.org/CVERecord?id=CVE-2026-22857
- https://www.cve.org/CVERecord?id=CVE-2026-22859
- https://www.cve.org/CVERecord?id=CVE-2026-23732
- https://www.cve.org/CVERecord?id=CVE-2026-23883
- https://www.cve.org/CVERecord?id=CVE-2026-23884
- https://www.cve.org/CVERecord?id=CVE-2026-24491
- https://www.cve.org/CVERecord?id=CVE-2026-26271
- https://www.cve.org/CVERecord?id=CVE-2026-26955
- https://www.cve.org/CVERecord?id=CVE-2026-26965
- https://www.cve.org/CVERecord?id=CVE-2026-31806
- https://www.cve.org/CVERecord?id=CVE-2026-31883
- https://www.cve.org/CVERecord?id=CVE-2026-31885
Topics Covered
Resolution
SRPMS
- 9/core/freerdp-2.11.7-1.3.mga9
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Publication date: 06 Apr 2026
URL: https://advisories.mageia.org/MGASA-2026-0086.html
Type: security
CVE: CVE-2026-22852,
CVE-2026-22854,
CVE-2026-22855,
CVE-2026-22856,
CVE-2026-22857,
CVE-2026-22859,
CVE-2026-23732,
CVE-2026-23883,
CVE-2026-23884,
CVE-2026-24491,
CVE-2026-26271,
CVE-2026-26955,
CVE-2026-26965,
CVE-2026-31806,
CVE-2026-31883,
CVE-2026-31885
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!