CLSA-2026-1775223344
See a problem?- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2026-1775223344.json
- JSON Data
- https://api.osv.dev/v1/vulns/CLSA-2026-1775223344
- Upstream
- Published
- 2026-04-10T16:18:55Z
- Modified
- 2026-06-01T00:33:18.403545351Z
- Summary
- freerdp: Fix of 3 CVEs
- Details
-
- CVE-2023-39355: fix use-after-free in RDPGFXCMDIDRESETGRAPHICS handling when context->maxPlaneSize == 0; update context->planesBuffer after free and prevent access to freed memory
- CVE-2026-26965: fix heap out-of-bounds write in RLE planar decode that permit attacker-controlled pixel data and offset overwrite adjacent function pointer; validate (nYDst+nSrcHeight) and (nXDst+nSrcWidth) against destination bounds and ensure writes use correct buffer, prevent OOB write
- CVE-2026-26955: fix heap buffer overflow in GDI surface pipeline caused by out-of-bounds ClearCodec destination rectangle; add top-level guard in clear_decompress() to validate nXDst/nYDst against destination surface dimensions protecting all code paths (bands, residual, glyph, subcodec); fix subcodec bounds checks to compare against destination dimensions
- References
Affected packages
TuxCare:CentOS:7 / freerdp
Package
- Name
- freerdp
- Purl
- pkg:rpm/tuxcare/freerdp?distro=centos-7
TuxCare:CentOS:7 / freerdp-devel
Package
- Name
- freerdp-devel
- Purl
- pkg:rpm/tuxcare/freerdp-devel?distro=centos-7
TuxCare:CentOS:7 / freerdp-libs
Package
- Name
- freerdp-libs
- Purl
- pkg:rpm/tuxcare/freerdp-libs?distro=centos-7
TuxCare:CentOS:7 / libwinpr
Package
- Name
- libwinpr
- Purl
- pkg:rpm/tuxcare/libwinpr?distro=centos-7