Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| CVE | CVE-2026-24684 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, the RDPSND async playback thread can process queued PDUs after the | freerdp3 freerdp3 freerdp3 freerdp3 freerdp2 freerdp2 freerdp3 freerdp3 freerdp3 freerdp3 freerdp2 freerdp2 |
| CVE | CVE-2026-24683 | FreeRDP is a free implementation of the Remote Desktop Protocol. ainput_send_input_event caches channel_callback in a local variable and later uses i | freerdp3 freerdp3 freerdp3 freerdp3 freerdp2 freerdp2 freerdp3 freerdp3 freerdp3 freerdp3 freerdp2 freerdp2 |
| CVE | CVE-2026-24681 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, aAsynchronous bulk transfer completions can use a freed channel cal | freerdp3 freerdp3 freerdp3 freerdp3 freerdp2 freerdp2 freerdp3 freerdp3 freerdp3 freerdp3 freerdp2 freerdp2 |
| CVE | CVE-2026-24680 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, sdl_Pointer_New frees data on failure, then pointer_free calls sdl_ | freerdp3 freerdp3 freerdp3 freerdp3 freerdp3 freerdp3 freerdp3 freerdp3 |
| CVE | CVE-2026-24678 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, A capture thread sends sample responses using a freed channel callb | freerdp3 freerdp3 freerdp3 freerdp3 |
| CVE | CVE-2026-24676 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, AUDIN format renegotiation frees the active format list while the c | freerdp3 freerdp3 freerdp3 freerdp3 freerdp2 freerdp2 freerdp3 freerdp3 freerdp3 freerdp3 freerdp2 freerdp2 |
| CVE | CVE-2026-24682 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, audin_server_recv_formats frees an incorrect number of audio format | freerdp3 freerdp3 freerdp3 freerdp3 freerdp2 freerdp2 freerdp3 freerdp3 freerdp3 freerdp3 freerdp2 freerdp2 |
| CVE | CVE-2026-24679 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, The URBDRC client uses server-supplied interface numbers as array i | freerdp3 freerdp3 freerdp3 freerdp3 freerdp2 freerdp2 freerdp3 freerdp3 freerdp3 freerdp3 freerdp2 freerdp2 |
| CVE | CVE-2026-24677 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, ecam_encoder_compress_h264 trusts server-controlled dimensions and | freerdp3 freerdp3 freerdp3 freerdp3 |
| CVE | CVE-2026-24675 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, urb_select_interface can free the device's MS config on error but l | freerdp3 freerdp3 freerdp3 freerdp3 freerdp2 freerdp2 freerdp3 freerdp3 freerdp3 freerdp3 freerdp2 freerdp2 |
| CVE | CVE-2026-24491 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, video_timer can send client notifications after the control channel | freerdp3 freerdp3 freerdp3 freerdp3 freerdp3 freerdp3 freerdp3 freerdp3 |
| CVE | CVE-2026-23948 | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, a NULL pointer dereference vulnerability in rdp_write_logon_info_v2 | freerdp3 freerdp3 freerdp3 freerdp3 freerdp2 freerdp2 freerdp3 freerdp3 freerdp3 freerdp3 freerdp2 freerdp2 |
| CVE | CVE-2025-69223 | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a zip bomb to be used to execute a Do | python-aiohttp python-aiohttp |
| CVE | CVE-2025-69227 | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow for an infinite loop to occur when as | python-aiohttp python-aiohttp |
| CVE | CVE-2025-69229 | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In versions 3.13.2 and below, handling of chunked messages can result | python-aiohttp python-aiohttp |
| CVE | CVE-2025-69228 | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a request to be crafted in such a way | python-aiohttp python-aiohttp |
| CVE | CVE-2025-69226 | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below enable an attacker to ascertain the existen | python-aiohttp python-aiohttp |
| CVE | CVE-2025-69225 | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below contain parser logic which allows non-ASCII | python-aiohttp python-aiohttp |
| CVE | CVE-2025-69224 | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below of the Python HTTP parser may allow a reque | python-aiohttp python-aiohttp |
| Launchpad | 2127205 | pkcs11-tool is sending null sha-1 digest to Openssl on FIPS enabled ubuntu 24.04 | opensc |
About
-
Send Feedback to @ubuntu_updates
