CVE-2026-27951

Опубликовано: 25 фев. 2026

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 5.3

Описание

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the function Stream_EnsureCapacity can create an endless blocking loop. This may affect all client and server implementations using FreeRDP. For practical exploitation this will only work on 32bit systems where the available physical memory is >= SIZE_MAX. Version 3.23.0 contains a patch. No known workarounds are available.

Релиз	Статус	Примечание
devel	DNE
esm-apps/bionic	needs-triage
esm-infra/xenial	needs-triage
jammy	DNE
noble	DNE
questing	DNE
upstream	needs-triage

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-apps/noble	needs-triage
esm-infra/bionic	needs-triage
esm-infra/focal	needs-triage
jammy	needs-triage
noble	needs-triage
questing	DNE
upstream	needs-triage

Показывать по

Релиз	Статус	Примечание
devel	pending	3.24.0+dfsg-2
jammy	DNE
noble	released	3.5.1+dfsg1-0ubuntu1.4
questing	released	3.16.0+dfsg-2ubuntu0.3
upstream	released	3.23.0

Показывать по

Ссылки на источники

EPSS

Процентиль: 16%

0.00052

Низкий

5.3 Medium

CVSS3

Связанные уязвимости

CVE-2026-27951

CVSS3: 5.9

redhat

около 1 месяца назад

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the function `Stream_EnsureCapacity` can create an endless blocking loop. This may affect all client and server implementations using `FreeRDP`. For practical exploitation this will only work on 32bit systems where the available physical memory is `>= SIZE_MAX`. Version 3.23.0 contains a patch. No known workarounds are available.

CVE-2026-27951

CVSS3: 5.3

nvd

30 дней назад

CVE-2026-27951

CVSS3: 5.3

debian

30 дней назад

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior ...

EPSS

Процентиль: 16%

0.00052

Низкий

5.3 Medium

CVSS3

CVE-2026-27951

Описание

Пакет freerdp

Пакет freerdp2

Пакет freerdp3

Ссылки на источники

Связанные уязвимости