freerdp2-2.11.7-4.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2026:10176-1 Final 1 1 2026-02-11T00:00:00Z current 2026-02-11T00:00:00Z 2026-02-11T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z freerdp2-2.11.7-4.1 on GA media These are all security issues fixed in the freerdp2-2.11.7-4.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2026-10176 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2024-22211/ SUSE CVE CVE-2024-22211 page https://www.suse.com/security/cve/CVE-2026-22852/ SUSE CVE CVE-2026-22852 page https://www.suse.com/security/cve/CVE-2026-22854/ SUSE CVE CVE-2026-22854 page https://www.suse.com/security/cve/CVE-2026-22856/ SUSE CVE CVE-2026-22856 page https://www.suse.com/security/cve/CVE-2026-22859/ SUSE CVE CVE-2026-22859 page https://www.suse.com/security/cve/CVE-2026-23530/ SUSE CVE CVE-2026-23530 page https://www.suse.com/security/cve/CVE-2026-23531/ SUSE CVE CVE-2026-23531 page https://www.suse.com/security/cve/CVE-2026-23532/ SUSE CVE CVE-2026-23532 page https://www.suse.com/security/cve/CVE-2026-23534/ SUSE CVE CVE-2026-23534 page openSUSE Tumbleweed freerdp2-2.11.7-4.1 freerdp2-devel-2.11.7-4.1 freerdp2-proxy-2.11.7-4.1 freerdp2-server-2.11.7-4.1 libfreerdp2-2-2.11.7-4.1 libwinpr2-2-2.11.7-4.1 winpr2-devel-2.11.7-4.1 freerdp2-2.11.7-4.1 as a component of openSUSE Tumbleweed freerdp2-devel-2.11.7-4.1 as a component of openSUSE Tumbleweed freerdp2-proxy-2.11.7-4.1 as a component of openSUSE Tumbleweed freerdp2-server-2.11.7-4.1 as a component of openSUSE Tumbleweed libfreerdp2-2-2.11.7-4.1 as a component of openSUSE Tumbleweed libwinpr2-2-2.11.7-4.1 as a component of openSUSE Tumbleweed winpr2-devel-2.11.7-4.1 as a component of openSUSE Tumbleweed FreeRDP is a set of free and open source remote desktop protocol library and clients. In affected versions an integer overflow in `freerdp_bitmap_planar_context_reset` leads to heap-buffer overflow. This affects FreeRDP based clients. FreeRDP based server implementations and proxy are not affected. A malicious server could prepare a `RDPGFX_RESET_GRAPHICS_PDU` to allocate too small buffers, possibly triggering later out of bound read/write. Data extraction over network is not possible, the buffers are used to display an image. This issue has been addressed in version 2.11.5 and 3.2.0. Users are advised to upgrade. there are no know workarounds for this vulnerability. CVE-2024-22211 openSUSE Tumbleweed:freerdp2-2.11.7-4.1 openSUSE Tumbleweed:freerdp2-devel-2.11.7-4.1 openSUSE Tumbleweed:freerdp2-proxy-2.11.7-4.1 openSUSE Tumbleweed:freerdp2-server-2.11.7-4.1 openSUSE Tumbleweed:libfreerdp2-2-2.11.7-4.1 openSUSE Tumbleweed:libwinpr2-2-2.11.7-4.1 openSUSE Tumbleweed:winpr2-devel-2.11.7-4.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2024-22211.html CVE-2024-22211 https://bugzilla.suse.com/1219049 SUSE Bug 1219049 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input (AUDIN) format lists. audin_process_formats reuses callback->formats_count across multiple MSG_SNDIN_FORMATS PDUs and writes past the newly allocated formats array, causing memory corruption and a crash. This vulnerability is fixed in 3.20.1. CVE-2026-22852 openSUSE Tumbleweed:freerdp2-2.11.7-4.1 openSUSE Tumbleweed:freerdp2-devel-2.11.7-4.1 openSUSE Tumbleweed:freerdp2-proxy-2.11.7-4.1 openSUSE Tumbleweed:freerdp2-server-2.11.7-4.1 openSUSE Tumbleweed:libfreerdp2-2-2.11.7-4.1 openSUSE Tumbleweed:libwinpr2-2-2.11.7-4.1 openSUSE Tumbleweed:winpr2-devel-2.11.7-4.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2026-22852.html CVE-2026-22852 https://bugzilla.suse.com/1256718 SUSE Bug 1256718 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory. This vulnerability is fixed in 3.20.1. CVE-2026-22854 openSUSE Tumbleweed:freerdp2-2.11.7-4.1 openSUSE Tumbleweed:freerdp2-devel-2.11.7-4.1 openSUSE Tumbleweed:freerdp2-proxy-2.11.7-4.1 openSUSE Tumbleweed:freerdp2-server-2.11.7-4.1 openSUSE Tumbleweed:libfreerdp2-2-2.11.7-4.1 openSUSE Tumbleweed:libwinpr2-2-2.11.7-4.1 openSUSE Tumbleweed:winpr2-devel-2.11.7-4.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2026-22854.html CVE-2026-22854 https://bugzilla.suse.com/1256720 SUSE Bug 1256720 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race in the serial channel IRP thread tracking allows a heap use-after-free when one thread removes an entry from serial->IrpThreads while another reads it. This vulnerability is fixed in 3.20.1. CVE-2026-22856 openSUSE Tumbleweed:freerdp2-2.11.7-4.1 openSUSE Tumbleweed:freerdp2-devel-2.11.7-4.1 openSUSE Tumbleweed:freerdp2-proxy-2.11.7-4.1 openSUSE Tumbleweed:freerdp2-server-2.11.7-4.1 openSUSE Tumbleweed:libfreerdp2-2-2.11.7-4.1 openSUSE Tumbleweed:libwinpr2-2-2.11.7-4.1 openSUSE Tumbleweed:winpr2-devel-2.11.7-4.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2026-22856.html CVE-2026-22856 https://bugzilla.suse.com/1256722 SUSE Bug 1256722 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server-supplied MSUSB_INTERFACE_DESCRIPTOR values and uses them as indices in libusb_udev_complete_msconfig_setup, causing an out-of-bounds read. This vulnerability is fixed in 3.20.1. CVE-2026-22859 openSUSE Tumbleweed:freerdp2-2.11.7-4.1 openSUSE Tumbleweed:freerdp2-devel-2.11.7-4.1 openSUSE Tumbleweed:freerdp2-proxy-2.11.7-4.1 openSUSE Tumbleweed:freerdp2-server-2.11.7-4.1 openSUSE Tumbleweed:libfreerdp2-2-2.11.7-4.1 openSUSE Tumbleweed:libwinpr2-2-2.11.7-4.1 openSUSE Tumbleweed:winpr2-devel-2.11.7-4.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2026-22859.html CVE-2026-22859 https://bugzilla.suse.com/1256725 SUSE Bug 1256725 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0,`freerdp_bitmap_decompress_planar` does not validate `nSrcWidth`/`nSrcHeight` against `planar->maxWidth`/`maxHeight` before RLE decode. A malicious server can trigger a client-side heap buffer overflow, causing a crash (DoS) and potential heap corruption with code-execution risk depending on allocator behavior and surrounding heap layout. Version 3.21.0 contains a patch for the issue. CVE-2026-23530 openSUSE Tumbleweed:freerdp2-2.11.7-4.1 openSUSE Tumbleweed:freerdp2-devel-2.11.7-4.1 openSUSE Tumbleweed:freerdp2-proxy-2.11.7-4.1 openSUSE Tumbleweed:freerdp2-server-2.11.7-4.1 openSUSE Tumbleweed:libfreerdp2-2-2.11.7-4.1 openSUSE Tumbleweed:libwinpr2-2-2.11.7-4.1 openSUSE Tumbleweed:winpr2-devel-2.11.7-4.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2026-23530.html CVE-2026-23530 https://bugzilla.suse.com/1256940 SUSE Bug 1256940 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, in ClearCodec, when `glyphData` is present, `clear_decompress` calls `freerdp_image_copy_no_overlap` without validating the destination rectangle, allowing an out-of-bounds read/write via crafted RDPGFX surface updates. A malicious server can trigger a client-side heap buffer overflow, causing a crash (DoS) and potential heap corruption with code-execution risk depending on allocator behavior and surrounding heap layout. Version 3.21.0 contains a patch for the issue. CVE-2026-23531 openSUSE Tumbleweed:freerdp2-2.11.7-4.1 openSUSE Tumbleweed:freerdp2-devel-2.11.7-4.1 openSUSE Tumbleweed:freerdp2-proxy-2.11.7-4.1 openSUSE Tumbleweed:freerdp2-server-2.11.7-4.1 openSUSE Tumbleweed:libfreerdp2-2-2.11.7-4.1 openSUSE Tumbleweed:libwinpr2-2-2.11.7-4.1 openSUSE Tumbleweed:winpr2-devel-2.11.7-4.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2026-23531.html CVE-2026-23531 https://bugzilla.suse.com/1256941 SUSE Bug 1256941 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the FreeRDP client's `gdi_SurfaceToSurface` path due to a mismatch between destination rectangle clamping and the actual copy size. A malicious server can trigger a client-side heap buffer overflow, causing a crash (DoS) and potential heap corruption with code-execution risk depending on allocator behavior and surrounding heap layout. Version 3.21.0 contains a patch for the issue. CVE-2026-23532 openSUSE Tumbleweed:freerdp2-2.11.7-4.1 openSUSE Tumbleweed:freerdp2-devel-2.11.7-4.1 openSUSE Tumbleweed:freerdp2-proxy-2.11.7-4.1 openSUSE Tumbleweed:freerdp2-server-2.11.7-4.1 openSUSE Tumbleweed:libfreerdp2-2-2.11.7-4.1 openSUSE Tumbleweed:libwinpr2-2-2.11.7-4.1 openSUSE Tumbleweed:winpr2-devel-2.11.7-4.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2026-23532.html CVE-2026-23532 https://bugzilla.suse.com/1256942 SUSE Bug 1256942 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, a client-side heap buffer overflow occurs in the ClearCodec bands decode path when crafted band coordinates allow writes past the end of the destination surface buffer. A malicious server can trigger a client-side heap buffer overflow, causing a crash (DoS) and potential heap corruption with code-execution risk depending on allocator behavior and surrounding heap layout. Version 3.21.0 contains a patch for the issue. CVE-2026-23534 openSUSE Tumbleweed:freerdp2-2.11.7-4.1 openSUSE Tumbleweed:freerdp2-devel-2.11.7-4.1 openSUSE Tumbleweed:freerdp2-proxy-2.11.7-4.1 openSUSE Tumbleweed:freerdp2-server-2.11.7-4.1 openSUSE Tumbleweed:libfreerdp2-2-2.11.7-4.1 openSUSE Tumbleweed:libwinpr2-2-2.11.7-4.1 openSUSE Tumbleweed:winpr2-devel-2.11.7-4.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2026-23534.html CVE-2026-23534 https://bugzilla.suse.com/1256944 SUSE Bug 1256944