Описание
Security update for freerdp
This update for freerdp fixes the following issue:
- CVE-2026-24491: Heap-use-after-free in video_timer additional fix (bsc#1257981).
Список пакетов
SUSE Linux Enterprise Module for Package Hub 15 SP7
uwac0-0-devel-2.11.2-150600.4.15.1
openSUSE Leap 15.6
freerdp-2.11.2-150600.4.15.1
freerdp-devel-2.11.2-150600.4.15.1
freerdp-proxy-2.11.2-150600.4.15.1
freerdp-server-2.11.2-150600.4.15.1
freerdp-wayland-2.11.2-150600.4.15.1
libfreerdp2-2-2.11.2-150600.4.15.1
libuwac0-0-2.11.2-150600.4.15.1
libwinpr2-2-2.11.2-150600.4.15.1
uwac0-0-devel-2.11.2-150600.4.15.1
winpr-devel-2.11.2-150600.4.15.1
Ссылки
- Link for SUSE-SU-2026:0933-1
- E-Mail link for SUSE-SU-2026:0933-1
- SUSE Security Ratings
- SUSE Bug 1257981
- SUSE Bug 1259251
- SUSE CVE CVE-2026-24491 page
Описание
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, video_timer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. This vulnerability is fixed in 3.22.0.
Затронутые продукты
SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.15.1
openSUSE Leap 15.6:freerdp-2.11.2-150600.4.15.1
openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.15.1
openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.15.1
Ссылки
- CVE-2026-24491
- SUSE Bug 1257981