freerdp-3.21.0-2.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2026:10123-1 Final 1 1 2026-01-30T00:00:00Z current 2026-01-30T00:00:00Z 2026-01-30T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z freerdp-3.21.0-2.1 on GA media These are all security issues fixed in the freerdp-3.21.0-2.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2026-10123 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2024-22211/ SUSE CVE CVE-2024-22211 page https://www.suse.com/security/cve/CVE-2024-32658/ SUSE CVE CVE-2024-32658 page https://www.suse.com/security/cve/CVE-2024-32659/ SUSE CVE CVE-2024-32659 page https://www.suse.com/security/cve/CVE-2024-32660/ SUSE CVE CVE-2024-32660 page https://www.suse.com/security/cve/CVE-2024-32661/ SUSE CVE CVE-2024-32661 page https://www.suse.com/security/cve/CVE-2025-4478/ SUSE CVE CVE-2025-4478 page openSUSE Tumbleweed freerdp-3.21.0-2.1 freerdp-devel-3.21.0-2.1 freerdp-proxy-3.21.0-2.1 freerdp-proxy-plugins-3.21.0-2.1 freerdp-sdl-3.21.0-2.1 freerdp-server-3.21.0-2.1 freerdp-wayland-3.21.0-2.1 libfreerdp-server-proxy3-3-3.21.0-2.1 libfreerdp3-3-3.21.0-2.1 librdtk0-0-3.21.0-2.1 libuwac0-0-3.21.0-2.1 libwinpr3-3-3.21.0-2.1 rdtk0-devel-3.21.0-2.1 uwac0-devel-3.21.0-2.1 winpr-devel-3.21.0-2.1 freerdp-3.21.0-2.1 as a component of openSUSE Tumbleweed freerdp-devel-3.21.0-2.1 as a component of openSUSE Tumbleweed freerdp-proxy-3.21.0-2.1 as a component of openSUSE Tumbleweed freerdp-proxy-plugins-3.21.0-2.1 as a component of openSUSE Tumbleweed freerdp-sdl-3.21.0-2.1 as a component of openSUSE Tumbleweed freerdp-server-3.21.0-2.1 as a component of openSUSE Tumbleweed freerdp-wayland-3.21.0-2.1 as a component of openSUSE Tumbleweed libfreerdp-server-proxy3-3-3.21.0-2.1 as a component of openSUSE Tumbleweed libfreerdp3-3-3.21.0-2.1 as a component of openSUSE Tumbleweed librdtk0-0-3.21.0-2.1 as a component of openSUSE Tumbleweed libuwac0-0-3.21.0-2.1 as a component of openSUSE Tumbleweed libwinpr3-3-3.21.0-2.1 as a component of openSUSE Tumbleweed rdtk0-devel-3.21.0-2.1 as a component of openSUSE Tumbleweed uwac0-devel-3.21.0-2.1 as a component of openSUSE Tumbleweed winpr-devel-3.21.0-2.1 as a component of openSUSE Tumbleweed FreeRDP is a set of free and open source remote desktop protocol library and clients. In affected versions an integer overflow in `freerdp_bitmap_planar_context_reset` leads to heap-buffer overflow. This affects FreeRDP based clients. FreeRDP based server implementations and proxy are not affected. A malicious server could prepare a `RDPGFX_RESET_GRAPHICS_PDU` to allocate too small buffers, possibly triggering later out of bound read/write. Data extraction over network is not possible, the buffers are used to display an image. This issue has been addressed in version 2.11.5 and 3.2.0. Users are advised to upgrade. there are no know workarounds for this vulnerability. CVE-2024-22211 openSUSE Tumbleweed:freerdp-3.21.0-2.1 openSUSE Tumbleweed:freerdp-devel-3.21.0-2.1 openSUSE Tumbleweed:freerdp-proxy-3.21.0-2.1 openSUSE Tumbleweed:freerdp-proxy-plugins-3.21.0-2.1 openSUSE Tumbleweed:freerdp-sdl-3.21.0-2.1 openSUSE Tumbleweed:freerdp-server-3.21.0-2.1 openSUSE Tumbleweed:freerdp-wayland-3.21.0-2.1 openSUSE Tumbleweed:libfreerdp-server-proxy3-3-3.21.0-2.1 openSUSE Tumbleweed:libfreerdp3-3-3.21.0-2.1 openSUSE Tumbleweed:librdtk0-0-3.21.0-2.1 openSUSE Tumbleweed:libuwac0-0-3.21.0-2.1 openSUSE Tumbleweed:libwinpr3-3-3.21.0-2.1 openSUSE Tumbleweed:rdtk0-devel-3.21.0-2.1 openSUSE Tumbleweed:uwac0-devel-3.21.0-2.1 openSUSE Tumbleweed:winpr-devel-3.21.0-2.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2024-22211.html CVE-2024-22211 https://bugzilla.suse.com/1219049 SUSE Bug 1219049 FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read. Version 3.5.1 contains a patch for the issue. No known workarounds are available. CVE-2024-32658 openSUSE Tumbleweed:freerdp-3.21.0-2.1 openSUSE Tumbleweed:freerdp-devel-3.21.0-2.1 openSUSE Tumbleweed:freerdp-proxy-3.21.0-2.1 openSUSE Tumbleweed:freerdp-proxy-plugins-3.21.0-2.1 openSUSE Tumbleweed:freerdp-sdl-3.21.0-2.1 openSUSE Tumbleweed:freerdp-server-3.21.0-2.1 openSUSE Tumbleweed:freerdp-wayland-3.21.0-2.1 openSUSE Tumbleweed:libfreerdp-server-proxy3-3-3.21.0-2.1 openSUSE Tumbleweed:libfreerdp3-3-3.21.0-2.1 openSUSE Tumbleweed:librdtk0-0-3.21.0-2.1 openSUSE Tumbleweed:libuwac0-0-3.21.0-2.1 openSUSE Tumbleweed:libwinpr3-3-3.21.0-2.1 openSUSE Tumbleweed:rdtk0-devel-3.21.0-2.1 openSUSE Tumbleweed:uwac0-devel-3.21.0-2.1 openSUSE Tumbleweed:winpr-devel-3.21.0-2.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2024-32658.html CVE-2024-32658 https://bugzilla.suse.com/1223353 SUSE Bug 1223353 FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read if `((nWidth == 0) and (nHeight == 0))`. Version 3.5.1 contains a patch for the issue. No known workarounds are available. CVE-2024-32659 openSUSE Tumbleweed:freerdp-3.21.0-2.1 openSUSE Tumbleweed:freerdp-devel-3.21.0-2.1 openSUSE Tumbleweed:freerdp-proxy-3.21.0-2.1 openSUSE Tumbleweed:freerdp-proxy-plugins-3.21.0-2.1 openSUSE Tumbleweed:freerdp-sdl-3.21.0-2.1 openSUSE Tumbleweed:freerdp-server-3.21.0-2.1 openSUSE Tumbleweed:freerdp-wayland-3.21.0-2.1 openSUSE Tumbleweed:libfreerdp-server-proxy3-3-3.21.0-2.1 openSUSE Tumbleweed:libfreerdp3-3-3.21.0-2.1 openSUSE Tumbleweed:librdtk0-0-3.21.0-2.1 openSUSE Tumbleweed:libuwac0-0-3.21.0-2.1 openSUSE Tumbleweed:libwinpr3-3-3.21.0-2.1 openSUSE Tumbleweed:rdtk0-devel-3.21.0-2.1 openSUSE Tumbleweed:uwac0-devel-3.21.0-2.1 openSUSE Tumbleweed:winpr-devel-3.21.0-2.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2024-32659.html CVE-2024-32659 https://bugzilla.suse.com/1223346 SUSE Bug 1223346 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.5.1, a malicious server can crash the FreeRDP client by sending invalid huge allocation size. Version 3.5.1 contains a patch for the issue. No known workarounds are available. CVE-2024-32660 openSUSE Tumbleweed:freerdp-3.21.0-2.1 openSUSE Tumbleweed:freerdp-devel-3.21.0-2.1 openSUSE Tumbleweed:freerdp-proxy-3.21.0-2.1 openSUSE Tumbleweed:freerdp-proxy-plugins-3.21.0-2.1 openSUSE Tumbleweed:freerdp-sdl-3.21.0-2.1 openSUSE Tumbleweed:freerdp-server-3.21.0-2.1 openSUSE Tumbleweed:freerdp-wayland-3.21.0-2.1 openSUSE Tumbleweed:libfreerdp-server-proxy3-3-3.21.0-2.1 openSUSE Tumbleweed:libfreerdp3-3-3.21.0-2.1 openSUSE Tumbleweed:librdtk0-0-3.21.0-2.1 openSUSE Tumbleweed:libuwac0-0-3.21.0-2.1 openSUSE Tumbleweed:libwinpr3-3-3.21.0-2.1 openSUSE Tumbleweed:rdtk0-devel-3.21.0-2.1 openSUSE Tumbleweed:uwac0-devel-3.21.0-2.1 openSUSE Tumbleweed:winpr-devel-3.21.0-2.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2024-32660.html CVE-2024-32660 https://bugzilla.suse.com/1223347 SUSE Bug 1223347 FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to a possible `NULL` access and crash. Version 3.5.1 contains a patch for the issue. No known workarounds are available. CVE-2024-32661 openSUSE Tumbleweed:freerdp-3.21.0-2.1 openSUSE Tumbleweed:freerdp-devel-3.21.0-2.1 openSUSE Tumbleweed:freerdp-proxy-3.21.0-2.1 openSUSE Tumbleweed:freerdp-proxy-plugins-3.21.0-2.1 openSUSE Tumbleweed:freerdp-sdl-3.21.0-2.1 openSUSE Tumbleweed:freerdp-server-3.21.0-2.1 openSUSE Tumbleweed:freerdp-wayland-3.21.0-2.1 openSUSE Tumbleweed:libfreerdp-server-proxy3-3-3.21.0-2.1 openSUSE Tumbleweed:libfreerdp3-3-3.21.0-2.1 openSUSE Tumbleweed:librdtk0-0-3.21.0-2.1 openSUSE Tumbleweed:libuwac0-0-3.21.0-2.1 openSUSE Tumbleweed:libwinpr3-3-3.21.0-2.1 openSUSE Tumbleweed:rdtk0-devel-3.21.0-2.1 openSUSE Tumbleweed:uwac0-devel-3.21.0-2.1 openSUSE Tumbleweed:winpr-devel-3.21.0-2.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2024-32661.html CVE-2024-32661 https://bugzilla.suse.com/1223348 SUSE Bug 1223348 A flaw was found in the FreeRDP used by Anaconda's remote install feature, where a crafted RDP packet could trigger a segmentation fault. This issue causes the service to crash and remain defunct, resulting in a denial of service. It occurs pre-boot and is likely due to a NULL pointer dereference. Rebooting is required to recover the system. CVE-2025-4478 openSUSE Tumbleweed:freerdp-3.21.0-2.1 openSUSE Tumbleweed:freerdp-devel-3.21.0-2.1 openSUSE Tumbleweed:freerdp-proxy-3.21.0-2.1 openSUSE Tumbleweed:freerdp-proxy-plugins-3.21.0-2.1 openSUSE Tumbleweed:freerdp-sdl-3.21.0-2.1 openSUSE Tumbleweed:freerdp-server-3.21.0-2.1 openSUSE Tumbleweed:freerdp-wayland-3.21.0-2.1 openSUSE Tumbleweed:libfreerdp-server-proxy3-3-3.21.0-2.1 openSUSE Tumbleweed:libfreerdp3-3-3.21.0-2.1 openSUSE Tumbleweed:librdtk0-0-3.21.0-2.1 openSUSE Tumbleweed:libuwac0-0-3.21.0-2.1 openSUSE Tumbleweed:libwinpr3-3-3.21.0-2.1 openSUSE Tumbleweed:rdtk0-devel-3.21.0-2.1 openSUSE Tumbleweed:uwac0-devel-3.21.0-2.1 openSUSE Tumbleweed:winpr-devel-3.21.0-2.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-4478.html CVE-2025-4478 https://bugzilla.suse.com/1243109 SUSE Bug 1243109