SUSE-SU-2026:1164-1

Details

This update for freerdp2 fixes the following issues:

CVE-2026-26271: Buffer Overread in FreeRDP Icon Processing (bsc#1258979).
CVE-2026-26955: Out-of-bounds Write in freerdp (bsc#1258982).
CVE-2026-26965: Out-of-bounds Write in freerdp (bsc#1258985).
CVE-2026-31806: improper validation of server messages can lead to a heap buffer overflow and arbitrary code execution (bsc#1259653).
CVE-2026-31883: crafted RDPSND audio format and wave data can cause a heap buffer overflow write (bsc#1259679).
CVE-2026-31885: unchecked predictor can lead to an out-of-bounds read (bsc#1259686).

Affected Packages

freerdp2

SUSE Linux Enterprise Module for Package Hub 15 SP7SUSE Linux Enterprise Workstation Extension 15 SP7

Fixed in:

2.11.7-150700.3.14.1

winpr2-devel

SUSE Linux Enterprise Module for Package Hub 15 SP7SUSE Linux Enterprise Workstation Extension 15 SP7

Fixed in:

2.11.7-150700.3.14.1

freerdp2-devel

SUSE Linux Enterprise Workstation Extension 15 SP7

Fixed in: