CLSA-2026-1771010890
See a problem?- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2026-1771010890.json
- JSON Data
- https://api.osv.dev/v1/vulns/CLSA-2026-1771010890
- Upstream
- Published
- 2026-02-13T19:28:19Z
- Modified
- 2026-06-01T00:33:18.332191960Z
- Summary
- freerdp: Fix of 5 CVEs
- Details
-
- CVE-2026-22859: fix out-of-bounds access due to missing interface index validation in urbdrc channel
- CVE-2026-23732: fix out-of-bounds read due to missing input length check in glyph conversion
- CVE-2026-23883: fix integer overflow in cursor pixel allocation and surface-to-surface rectangle clamping
- CVE-2026-22852: fix heap buffer overflow in audinprocessformats due to stale format count
- CVE-2026-23531: fix out-of-bounds read/write in clear_decompress due to missing glyphData bounds check
- References
Affected packages
TuxCare:CentOS:7 / freerdp
Package
- Name
- freerdp
- Purl
- pkg:rpm/tuxcare/freerdp?distro=centos-7
TuxCare:CentOS:7 / freerdp-devel
Package
- Name
- freerdp-devel
- Purl
- pkg:rpm/tuxcare/freerdp-devel?distro=centos-7
TuxCare:CentOS:7 / freerdp-libs
Package
- Name
- freerdp-libs
- Purl
- pkg:rpm/tuxcare/freerdp-libs?distro=centos-7
TuxCare:CentOS:7 / libwinpr
Package
- Name
- libwinpr
- Purl
- pkg:rpm/tuxcare/libwinpr?distro=centos-7