Описание
Security update for freerdp
This update for freerdp fixes the following issue:
- CVE-2026-24491: Heap-use-after-free in video_timer additional fix (bsc#1257981).
Список пакетов
SUSE Linux Enterprise Server 12 SP5-LTSS
freerdp-devel-2.1.2-12.60.1
winpr2-devel-2.1.2-12.60.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
freerdp-devel-2.1.2-12.60.1
winpr2-devel-2.1.2-12.60.1
Ссылки
- Link for SUSE-SU-2026:0969-1
- E-Mail link for SUSE-SU-2026:0969-1
- SUSE Security Ratings
- SUSE Bug 1257981
- SUSE Bug 1259251
- SUSE CVE CVE-2026-24491 page
Описание
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, video_timer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. This vulnerability is fixed in 3.22.0.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.60.1
SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.60.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:freerdp-devel-2.1.2-12.60.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:winpr2-devel-2.1.2-12.60.1
Ссылки
- CVE-2026-24491
- SUSE Bug 1257981