{"id":"USN-8105-2","summary":"freerdp3 regression","details":"USN-8105-1 fixed vulnerabilities in FreeRDP. The update introduced a\nregression which could cause FreeRDP to crash. This update fixes the\nproblem.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\n It was discovered that FreeRDP incorrectly handled certain RDP packets. A\n remote attacker could use this issue to cause FreeRDP to crash, resulting\n in a denial of service, or possibly execute arbitrary code.","modified":"2026-03-20T08:14:08.179369Z","published":"2026-03-19T17:31:34Z","related":["UBUNTU-CVE-2026-27951"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-8105-2"},{"type":"REPORT","url":"https://launchpad.net/bugs/2144889"}],"affected":[{"package":{"name":"freerdp3","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/freerdp3@3.5.1+dfsg1-0ubuntu1.5?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.5.1+dfsg1-0ubuntu1.5"}]}],"versions":["3.4.0+dfsg1-0ubuntu2","3.4.0+dfsg1-0ubuntu3","3.4.0+dfsg1-0ubuntu4","3.5.0+dfsg1-0ubuntu1","3.5.1+dfsg1-0ubuntu1","3.5.1+dfsg1-0ubuntu1.1","3.5.1+dfsg1-0ubuntu1.2","3.5.1+dfsg1-0ubuntu1.4"],"ecosystem_specific":{"binaries":[{"binary_version":"3.5.1+dfsg1-0ubuntu1.5","binary_name":"freerdp3-dev"},{"binary_version":"3.5.1+dfsg1-0ubuntu1.5","binary_name":"freerdp3-shadow-x11"},{"binary_version":"3.5.1+dfsg1-0ubuntu1.5","binary_name":"freerdp3-wayland"},{"binary_version":"3.5.1+dfsg1-0ubuntu1.5","binary_name":"freerdp3-x11"},{"binary_version":"3.5.1+dfsg1-0ubuntu1.5","binary_name":"libfreerdp-client3-3"},{"binary_version":"3.5.1+dfsg1-0ubuntu1.5","binary_name":"libfreerdp-server3-3"},{"binary_version":"3.5.1+dfsg1-0ubuntu1.5","binary_name":"libfreerdp-shadow-subsystem3-3"},{"binary_version":"3.5.1+dfsg1-0ubuntu1.5","binary_name":"libfreerdp-shadow3-3"},{"binary_version":"3.5.1+dfsg1-0ubuntu1.5","binary_name":"libfreerdp3-3"},{"binary_version":"3.5.1+dfsg1-0ubuntu1.5","binary_name":"libwinpr-tools3-3"},{"binary_version":"3.5.1+dfsg1-0ubuntu1.5","binary_name":"libwinpr3-3"},{"binary_version":"3.5.1+dfsg1-0ubuntu1.5","binary_name":"libwinpr3-dev"},{"binary_version":"3.5.1+dfsg1-0ubuntu1.5","binary_name":"winpr3-utils"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:24.04:LTS","cves":[]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8105-2.json"}},{"package":{"name":"freerdp3","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/freerdp3@3.16.0+dfsg-2ubuntu0.4?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.16.0+dfsg-2ubuntu0.4"}]}],"versions":["3.14.0+dfsg-1ubuntu1","3.15.0+dfsg-2.1","3.16.0+dfsg-1ubuntu1","3.16.0+dfsg-2","3.16.0+dfsg-2ubuntu0.1","3.16.0+dfsg-2ubuntu0.3"],"ecosystem_specific":{"binaries":[{"binary_version":"3.16.0+dfsg-2ubuntu0.4","binary_name":"freerdp3-dev"},{"binary_version":"3.16.0+dfsg-2ubuntu0.4","binary_name":"freerdp3-proxy"},{"binary_version":"3.16.0+dfsg-2ubuntu0.4","binary_name":"freerdp3-proxy-modules"},{"binary_version":"3.16.0+dfsg-2ubuntu0.4","binary_name":"freerdp3-sdl"},{"binary_version":"3.16.0+dfsg-2ubuntu0.4","binary_name":"freerdp3-shadow-x11"},{"binary_version":"3.16.0+dfsg-2ubuntu0.4","binary_name":"freerdp3-wayland"},{"binary_version":"3.16.0+dfsg-2ubuntu0.4","binary_name":"freerdp3-x11"},{"binary_version":"3.16.0+dfsg-2ubuntu0.4","binary_name":"libfreerdp-client3-3"},{"binary_version":"3.16.0+dfsg-2ubuntu0.4","binary_name":"libfreerdp-server-proxy3-3"},{"binary_version":"3.16.0+dfsg-2ubuntu0.4","binary_name":"libfreerdp-server3-3"},{"binary_version":"3.16.0+dfsg-2ubuntu0.4","binary_name":"libfreerdp-shadow-subsystem3-3"},{"binary_version":"3.16.0+dfsg-2ubuntu0.4","binary_name":"libfreerdp-shadow3-3"},{"binary_version":"3.16.0+dfsg-2ubuntu0.4","binary_name":"libfreerdp3-3"},{"binary_version":"3.16.0+dfsg-2ubuntu0.4","binary_name":"libwinpr-tools3-3"},{"binary_version":"3.16.0+dfsg-2ubuntu0.4","binary_name":"libwinpr3-3"},{"binary_version":"3.16.0+dfsg-2ubuntu0.4","binary_name":"libwinpr3-dev"},{"binary_version":"3.16.0+dfsg-2ubuntu0.4","binary_name":"winpr3-utils"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:25.10","cves":[]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8105-2.json"}}],"schema_version":"1.7.5"}