Уязвимость CVE-2026-26986

Пакет	Статус	Версия исправления	Релиз	Тип
freerdp3	fixed	3.23.0+dfsg-1		package
freerdp3	no-dsa		trixie	package
freerdp3	no-dsa		bookworm	package
freerdp2	removed			package
freerdp2	no-dsa		bookworm	package

CVE-2026-26986

CVSS3: 7.5

ubuntu

около 1 месяца назад

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `rail_window_free` dereferences a freed `xfAppWindow` pointer during `HashTable_Free` cleanup because `xf_rail_window_common` calls `free(appWindow)` on title allocation failure without first removing the entry from the `railWindows` hash table, leaving a dangling pointer that is freed again on disconnect. Version 3.23.0 fixes the vulnerability.

CVE-2026-26986

CVSS3: 5.3

redhat

около 1 месяца назад

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `rail_window_free` dereferences a freed `xfAppWindow` pointer during `HashTable_Free` cleanup because `xf_rail_window_common` calls `free(appWindow)` on title allocation failure without first removing the entry from the `railWindows` hash table, leaving a dangling pointer that is freed again on disconnect. Version 3.23.0 fixes the vulnerability.

CVE-2026-26986

CVSS3: 7.5

nvd

около 1 месяца назад

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `rail_window_free` dereferences a freed `xfAppWindow` pointer during `HashTable_Free` cleanup because `xf_rail_window_common` calls `free(appWindow)` on title allocation failure without first removing the entry from the `railWindows` hash table, leaving a dangling pointer that is freed again on disconnect. Version 3.23.0 fixes the vulnerability.

exploitDog

CVE-2026-26986

Описание

Пакеты

Примечания

Связанные уязвимости