CVE-2026-22853

Publication date 14 January 2026

Last updated 27 February 2026

Ubuntu priority

Description

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, RDPEAR’s NDR array reader does not perform bounds checking on the on‑wire element count and can write past the heap buffer allocated from hints, causing a heap buffer overflow in ndr_read_uint8Array. This vulnerability is fixed in 3.20.1.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
freerdp	25.10 questing	Not in release
	25.04 plucky	Not in release
	24.04 LTS noble	Not in release
	22.04 LTS jammy	Not in release
	18.04 LTS bionic	Not affected
	16.04 LTS xenial	Not affected
freerdp2	25.10 questing	Not in release
	25.04 plucky	Ignored end of life, was needs-triage
	24.04 LTS noble	Not affected
	22.04 LTS jammy	Not affected
	20.04 LTS focal	Not affected
	18.04 LTS bionic	Not affected
freerdp3	25.10 questing	Vulnerable
	25.04 plucky	Ignored end of life, was needs-triage
	24.04 LTS noble	Not affected
	22.04 LTS jammy	Not in release

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
freerdp3	Upstream: 668fcb4 Upstream: 19f48dc

CVE-2026-22853

Description

Status

Patch details

References

Other references