CVE-2026-25997

Опубликовано: 25 фев. 2026

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 9.8

Описание

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xf_clipboard_format_equal reads freed lastSentFormats memory because xf_clipboard_formats_free (called from the cliprdr channel thread during auto-reconnect) frees the array while the X11 event thread concurrently iterates it in xf_clipboard_changed, triggering a heap use after free. Version 3.23.0 fixes the issue.

Релиз	Статус	Примечание
devel	DNE
esm-apps/bionic	needs-triage
esm-infra/xenial	needs-triage
jammy	DNE
noble	DNE
questing	DNE
upstream	needs-triage

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-apps/noble	needs-triage
esm-infra/bionic	needs-triage
esm-infra/focal	needs-triage
jammy	needs-triage
noble	needs-triage
questing	DNE
upstream	needs-triage

Показывать по

Релиз	Статус	Примечание
devel	pending	3.24.0+dfsg-2
jammy	DNE
noble	released	3.5.1+dfsg1-0ubuntu1.4
questing	released	3.16.0+dfsg-2ubuntu0.3
upstream	released	3.23.0

Показывать по

Ссылки на источники

EPSS

Процентиль: 29%

0.00108

Низкий

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2026-25997

CVSS3: 5.3

redhat

около 1 месяца назад

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_clipboard_format_equal` reads freed `lastSentFormats` memory because `xf_clipboard_formats_free` (called from the cliprdr channel thread during auto-reconnect) frees the array while the X11 event thread concurrently iterates it in `xf_clipboard_changed`, triggering a heap use after free. Version 3.23.0 fixes the issue.

CVE-2026-25997

CVSS3: 9.8

nvd

около 1 месяца назад

CVE-2026-25997

CVSS3: 9.8

debian

около 1 месяца назад

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior ...

EPSS

Процентиль: 29%

0.00108

Низкий

9.8 Critical

CVSS3

CVE-2026-25997

Описание

Пакет freerdp

Пакет freerdp2

Пакет freerdp3

Ссылки на источники

Связанные уязвимости