Alerts This Week
Warning Icon 1 1,153
Alerts This Week
Warning Icon 1 1,153

SUSE freerdp Important Heap Overflow Issues Security Advisory 2026-0762-1

suse
Calendar Grey March 3, 2026
Dist Suse Esm H88
Update for freerdp addresses 11 issues in SUSE systems with important patches required for system integrity.
An update that solves 11 vulnerabilities can now be installed.

Summary

## This update for freerdp fixes the following issues: * CVE-2026-22855: heap-buffer-overflow in smartcard_unpack_set_attrib_call (bsc#1256721). * CVE-2026-22857: heap-use-after-free in irp_thread_func (bsc#1256723). * CVE-2026-23533: improper validation can lead to heap buffer overflow in `clear_decompress_residual_data` (bsc#1256943). * CVE-2026-23732: improper validation can lead to heap buffer overflow in `Glyph_Alloc` (bsc#1256945). * CVE-2026-23884: use-after-free in `gdi_set_bounds` (bsc#1256947). * CVE-2026-24491: heap-use-after-free in video_timer (bsc#1257981). * CVE-2026-24675: heap-use-after-free in urb_select_interface (bsc#1257982). * CVE-2026-24676: heap-use-after-free in audio_format_compatible (bsc#1257983).

References

* bsc#1256721

* bsc#1256723

* bsc#1256943

* bsc#1256945

* bsc#1256947

* bsc#1257981

* bsc#1257982

* bsc#1257983

* bsc#1257986

* bsc#1257989

* bsc#1257991

Cross-

* CVE-2026-22855

* CVE-2026-22857

* CVE-2026-23533

* CVE-2026-23732

* CVE-2026-23884

* CVE-2026-24491

* CVE-2026-24675

* CVE-2026-24676

* CVE-2026-24679

* CVE-2026-24682

* CVE-2026-24684

CVSS scores:

* CVE-2026-22855 ( SUSE ): 6.1

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N

* CVE-2026-22855 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:H

* CVE-2026-22855 ( NVD ): 5.6

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:0762-1
Release Date: 2026-03-03T12:41:22Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here