Critical Denial of Service Vulnerabilities in openSUSE freerdp

Severity: High (Score: 74.0)

Sources: Linuxsecurity

Summary

Multiple critical vulnerabilities have been identified in the freerdp component of openSUSE, affecting versions 15.4 and 15.6. The vulnerabilities include CVE-2026-25941, CVE-2026-25942, CVE-2026-25952, CVE-2026-25953, CVE-2026-25954, CVE-2026-25997, CVE-2026-26986, CVE-2026-27015, and CVE-2026-27951. These issues range from out-of-bounds reads to heap-use-after-free errors, which could lead to denial of service attacks. The vulnerabilities were published between February 25 and March 13, 2026, and patches have been released for affected systems. Users of openSUSE Leap 15.4 and 15.6 are advised to apply the patches immediately to mitigate potential exploitation. The vulnerabilities pose a significant risk to systems utilizing freerdp for remote desktop protocol services.

Key Points:

  • Critical vulnerabilities in freerdp affect openSUSE Leap 15.4 and 15.6.
  • Patches are available for multiple CVEs, including CVE-2026-25941 and CVE-2026-27951.
  • Immediate action is required to prevent potential denial of service attacks.

Key Entities

  • DDoS (attack_type)
  • Denial of Service (attack_type)
  • CVE-2026-25941 (cve)
  • CVE-2026-25942 (cve)
  • CVE-2026-25952 (cve)
  • CVE-2026-25953 (cve)
  • CVE-2026-25954 (cve)
  • CWE-120 - Classic Buffer Overflow (cwe)
  • CWE-122 - Heap-based Buffer Overflow (cwe)
  • CWE-125 - Out-of-bounds Read (cwe)
  • CWE-416 - Use After Free (cwe)
  • CWE-787 - Out-of-bounds Write (cwe)
  • FreeRDP (platform)
  • openSUSE Leap 15.6 (platform)
  • openSUSE (company)