|
|
Log in / Subscribe / Register

Ubuntu alert USN-8004-1 (freerdp2)



From:
              noreply+usn-bot@canonical.com


To:
              ubuntu-security-announce@lists.ubuntu.com


Subject:
              [USN-8004-1] FreeRDP vulnerabilities


Date:
              Tue, 03 Feb 2026 22:51:09 +0000


Message-ID:
              <E1vnPEj-0002fE-BI@lists.ubuntu.com>


==========================================================================
Ubuntu Security Notice USN-8004-1
February 03, 2026

freerdp2 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in FreeRDP.

Software Description:
- freerdp2: RDP client for Windows Terminal Services

Details:

Kim Dong Han discovered that FreeRDP did not correctly validate the size of
certain variables, which could cause a buffer overflow. An attacker could
possibly use this issue to cause a denial of service or execute arbitrary
code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
  libfreerdp2-2t64                2.11.5+dfsg1-1ubuntu0.1~esm3
                                  Available with Ubuntu Pro

Ubuntu 22.04 LTS
  libfreerdp2-2                   2.6.1+dfsg1-3ubuntu2.8

Ubuntu 20.04 LTS
  libfreerdp2-2                   2.6.1+dfsg1-0ubuntu0.20.04.2+esm1
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  libfreerdp2-2                   2.2.0+dfsg1-0ubuntu0.18.04.4+esm3
                                  Available with Ubuntu Pro

After a standard system update you need to restart your session to make all
the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8004-1
  CVE-2026-23530, CVE-2026-23531, CVE-2026-23532, CVE-2026-23533,
  CVE-2026-23534

Package Information:
  https://launchpad.net/ubuntu/+source/freerdp2/2.6.1+dfsg1...




Attachment: signature.asc (type=application/pgp-signature)

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEE+8neBLO2Hp/ppPlOcpJm3tlzhgEFAmmCe4wACgkQcpJm3tlz
hgHW8hAAtepxB/ONRe1lK5yJ4UbaV8eqDJ7mrP9L2DPLmzThzpRWtOrGYNcI6yDj
r72NrkdsNYZhAzeD7rSiBTp8SYYGp8fxsnJl0A2iVFuBcJi/lYRg5sS9P08YVqFk
4kyNcAzkNavCtI4V2UnBCkR75ZV8zxgSBy9K58J63q8Zcz9ujTLmU7E1/4YhXot8
BjQ6sQGQCKfwr0i2QGr6ytCvD/aM6ea0wrGucOcVEpy2QIyOKD3pvvg3Da6Fj8xv
mbGRRsrNHKDv3+O57SBLGS+HP6SWkUwnIpFiO0Fz79xvmynx7DJg3a1qL3G5/4gO
Sdn3qJCDmwctZiUt3avrfzuCeH61rMHbpMVtLxSW2Fyzk5rO2BB7YSqzOyhh5FFt
6wysjjS3/g1MbG4xPC2n7YhCTLZ1U11rpyMjN7R2YwZQKZlYtS82fR+5akvC5TWC
l/10XjXC7agHD3gvsDv1tFguKeSiaC7Z+W0g6vb7MFKHlou8W8Km7jVKpkb2swut
+gaJngAEI3aSxcGOvEP9xzCEBqgQzS6Hsd8tbno8okAUy5rUoG8PWiAoSzPgysPK
wA1wTINRW6CE0ntA+Xy8jBLo2npGwCU7JP+7vmbntsbICKBDvfGKo1E9X62tePgx
ZK5e3TtgNaHjmLbh1tDm4PZqbY9h2eRVY/2lwPJZUMKN5dEzFZ0=
=9z2u
-----END PGP SIGNATURE-----
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds