Описание
Security update for freerdp2
This update for freerdp2 fixes the following issue:
- CVE-2026-24491: Heap-use-after-free in video_timer additional fix (bsc#1257981).
Список пакетов
SUSE Linux Enterprise Module for Package Hub 15 SP7
winpr2-devel-2.11.7-150700.3.11.1
SUSE Linux Enterprise Workstation Extension 15 SP7
freerdp2-2.11.7-150700.3.11.1
freerdp2-devel-2.11.7-150700.3.11.1
freerdp2-proxy-2.11.7-150700.3.11.1
freerdp2-server-2.11.7-150700.3.11.1
libfreerdp2-2-2.11.7-150700.3.11.1
libwinpr2-2-2.11.7-150700.3.11.1
winpr2-devel-2.11.7-150700.3.11.1
Ссылки
- Link for SUSE-SU-2026:0968-1
- E-Mail link for SUSE-SU-2026:0968-1
- SUSE Security Ratings
- SUSE Bug 1257981
- SUSE Bug 1259251
- SUSE CVE CVE-2026-24491 page
Описание
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, video_timer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. This vulnerability is fixed in 3.22.0.
Затронутые продукты
SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.11.1
SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.11.1
SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.11.1
SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.11.1
Ссылки
- CVE-2026-24491
- SUSE Bug 1257981