CVE-2026-33995
- Source
- https://cve.org/CVERecord?id=CVE-2026-33995
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-33995.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2026-33995
- Aliases
-
- GHSA-mv25-f4p2-5mxx
- Downstream
- Related
- Published
- 2026-03-30T21:43:49.873Z
- Modified
- 2026-05-30T05:47:33.628187Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
- Summary
- FreeRDP: Possible double free in kerberos_AcceptSecurityContext
- Details
-
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, a double-free vulnerability in kerberosAcceptSecurityContext() and kerberosInitializeSecurityContextA() (WinPR, winpr/libwinpr/sspi/Kerberos/kerberos.c) can cause a crash in any FreeRDP clients on systems where Kerberos and/or Kerberos U2U is configured (Samba AD member, or krb5 for NFS). The crash is triggered during NLA connection teardown and requires a failed authentication attempt. This issue has been patched in version 3.24.2.
- Database specific
{ "cwe_ids": [ "CWE-415" ], "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/33xxx/CVE-2026-33995.json", "cna_assigner": "GitHub_M", "unresolved_ranges": [ { "extracted_events": [ { "fixed": "3.24.2" } ], "source": "AFFECTED_FIELD" } ] }- References
Affected packages
Git / github.com/freerdp/freerdp
Affected versions
1.*
1.0-beta1
1.0-beta2
1.0-beta4
1.0-beta5
1.0.0
1.0.1
1.1.0-beta+2013071101
1.1.0-beta1
1.1.0-beta1+android2
1.1.0-beta1+android3
1.1.0-beta1+android4
1.1.0-beta1+android5
1.1.0-beta1+ios1
1.1.0-beta1+ios2
1.1.0-beta1+ios3
1.1.0-beta1+ios4
1.2.0-beta1+android7
1.2.0-beta1+android9
2.*
2.0.0
2.0.0-beta1+android10
2.0.0-beta1+android11
2.0.0-rc0
2.0.0-rc1
2.0.0-rc2
2.0.0-rc3
2.0.0-rc4
3.*
3.0.0
3.0.0-beta1
3.0.0-beta2
3.0.0-beta3
3.0.0-beta4
3.0.0-rc0
3.1.0
3.2.0
3.3.0
3.4.0
3.5.0
3.5.1
Database specific
vanir_signatures_modified
"2026-05-30T05:47:33Z"
vanir_signatures
[
{
"source": "https://github.com/freerdp/freerdp/commit/8078b8af1359055972e4fb2f509f543b69169391",
"digest": {
"length": 3973.0,
"function_hash": "238143633398654507201364296480508618014"
},
"deprecated": false,
"id": "CVE-2026-33995-161a9362",
"signature_version": "v1",
"target": {
"function": "kerberos_AcceptSecurityContext",
"file": "winpr/libwinpr/sspi/Kerberos/kerberos.c"
},
"signature_type": "Function"
},
{
"source": "https://github.com/freerdp/freerdp/commit/8078b8af1359055972e4fb2f509f543b69169391",
"digest": {
"length": 484.0,
"function_hash": "312975627917680012793500774217019728641"
},
"deprecated": false,
"id": "CVE-2026-33995-260f128b",
"signature_version": "v1",
"target": {
"function": "negotiate_FreeCredentialsHandle",
"file": "winpr/libwinpr/sspi/Negotiate/negotiate.c"
},
"signature_type": "Function"
},
{
"source": "https://github.com/freerdp/freerdp/commit/8078b8af1359055972e4fb2f509f543b69169391",
"digest": {
"length": 229.0,
"function_hash": "16460176233854723599019559371890470914"
},
"deprecated": false,
"id": "CVE-2026-33995-3c79d95f",
"signature_version": "v1",
"target": {
"function": "credssp_FreeCredentialsHandle",
"file": "winpr/libwinpr/sspi/CredSSP/credssp.c"
},
"signature_type": "Function"
},
{
"source": "https://github.com/freerdp/freerdp/commit/8078b8af1359055972e4fb2f509f543b69169391",
"digest": {
"length": 229.0,
"function_hash": "16460176233854723599019559371890470914"
},
"deprecated": false,
"id": "CVE-2026-33995-3ce635a9",
"signature_version": "v1",
"target": {
"function": "schannel_FreeCredentialsHandle",
"file": "winpr/libwinpr/sspi/Schannel/schannel.c"
},
"signature_type": "Function"
},
{
"source": "https://github.com/freerdp/freerdp/commit/8078b8af1359055972e4fb2f509f543b69169391",
"digest": {
"length": 232.0,
"function_hash": "177960452924703698948711258227703233096"
},
"deprecated": false,
"id": "CVE-2026-33995-3f8edbd1",
"signature_version": "v1",
"target": {
"function": "kerberos_DeleteSecurityContext",
"file": "winpr/libwinpr/sspi/Kerberos/kerberos.c"
},
"signature_type": "Function"
},
{
"source": "https://github.com/freerdp/freerdp/commit/8078b8af1359055972e4fb2f509f543b69169391",
"digest": {
"threshold": 0.9,
"line_hashes": [
"262384228994036741267596322074289783304",
"44713147992728901224039320609358232665",
"317061882807920244834538611541761602424",
"118286855659044064715724574385624829211",
"120219651845039694781725571453721331439",
"340029966915400193181222903227493501751",
"221756639051125272987419931170346759470",
"156493476000878147792699242446591243723",
"87729099995235669254526246669532611619",
"116195470648629495645339880141355755496",
"114101761015448695539346022644281860506",
"137925516451185157891697666782910161588",
"87729099995235669254526246669532611619",
"116195470648629495645339880141355755496",
"114101761015448695539346022644281860506",
"137925516451185157891697666782910161588",
"135876109701616092981338147401315817848",
"68696619462828060059235289220670123533",
"291369659098184709707573265131911580394",
"329504801360601742214308551515745897397"
]
},
"deprecated": false,
"id": "CVE-2026-33995-477fa492",
"signature_version": "v1",
"target": {
"file": "winpr/libwinpr/sspi/Kerberos/kerberos.c"
},
"signature_type": "Line"
},
{
"source": "https://github.com/freerdp/freerdp/commit/8078b8af1359055972e4fb2f509f543b69169391",
"digest": {
"length": 479.0,
"function_hash": "159202808559067838327507011753189010490"
},
"deprecated": false,
"id": "CVE-2026-33995-50325d3b",
"signature_version": "v1",
"target": {
"function": "negotiate_DeleteSecurityContext",
"file": "winpr/libwinpr/sspi/Negotiate/negotiate.c"
},
"signature_type": "Function"
},
{
"source": "https://github.com/freerdp/freerdp/commit/8078b8af1359055972e4fb2f509f543b69169391",
"digest": {
"threshold": 0.9,
"line_hashes": [
"155618103437202111015196121196122035757",
"208393315365646318519286492273527623358",
"51121835483873009323390560717878735562",
"19594250912936460678934258197704730651",
"298992074853845437168973997844400800362",
"87117939474956572334842565037648613803",
"311926563937540730399758660109441563215"
]
},
"deprecated": false,
"id": "CVE-2026-33995-9fa89f9a",
"signature_version": "v1",
"target": {
"file": "winpr/libwinpr/sspi/CredSSP/credssp.c"
},
"signature_type": "Line"
},
{
"source": "https://github.com/freerdp/freerdp/commit/8078b8af1359055972e4fb2f509f543b69169391",
"digest": {
"length": 184.0,
"function_hash": "73069159185102437173371335106099634666"
},
"deprecated": false,
"id": "CVE-2026-33995-ae21c066",
"signature_version": "v1",
"target": {
"function": "schannel_DeleteSecurityContext",
"file": "winpr/libwinpr/sspi/Schannel/schannel.c"
},
"signature_type": "Function"
},
{
"source": "https://github.com/freerdp/freerdp/commit/8078b8af1359055972e4fb2f509f543b69169391",
"digest": {
"length": 125.0,
"function_hash": "3127222078057907555886163133155380257"
},
"deprecated": false,
"id": "CVE-2026-33995-bb01c6a6",
"signature_version": "v1",
"target": {
"function": "ntlm_DeleteSecurityContext",
"file": "winpr/libwinpr/sspi/NTLM/ntlm.c"
},
"signature_type": "Function"
},
{
"source": "https://github.com/freerdp/freerdp/commit/8078b8af1359055972e4fb2f509f543b69169391",
"digest": {
"threshold": 0.9,
"line_hashes": [
"167133739886790516573498472974564369680",
"196988759073018240227519413923696896605",
"222018742498755029179130520883305300472",
"112116320735740223359353239064320513235",
"143840401904356889225110113909836303960",
"212732355478378066596513626510156007050",
"148706350194904462512333259513127409022",
"38288882237048424293801091197969888901",
"206818454688816751546799778867917761383",
"254915871516930349072344255301535032657"
]
},
"deprecated": false,
"id": "CVE-2026-33995-bc2e9acd",
"signature_version": "v1",
"target": {
"file": "winpr/libwinpr/sspi/Negotiate/negotiate.c"
},
"signature_type": "Line"
},
{
"source": "https://github.com/freerdp/freerdp/commit/8078b8af1359055972e4fb2f509f543b69169391",
"digest": {
"length": 246.0,
"function_hash": "151440993470553687071812792292281353800"
},
"deprecated": false,
"id": "CVE-2026-33995-bcdb7053",
"signature_version": "v1",
"target": {
"function": "kerberos_FreeCredentialsHandle",
"file": "winpr/libwinpr/sspi/Kerberos/kerberos.c"
},
"signature_type": "Function"
},
{
"source": "https://github.com/freerdp/freerdp/commit/8078b8af1359055972e4fb2f509f543b69169391",
"digest": {
"length": 213.0,
"function_hash": "33810627702256896976508561385029533524"
},
"deprecated": false,
"id": "CVE-2026-33995-c6e6175e",
"signature_version": "v1",
"target": {
"function": "ntlm_FreeCredentialsHandle",
"file": "winpr/libwinpr/sspi/NTLM/ntlm.c"
},
"signature_type": "Function"
},
{
"source": "https://github.com/freerdp/freerdp/commit/8078b8af1359055972e4fb2f509f543b69169391",
"digest": {
"length": 6308.0,
"function_hash": "307812585918943996971558320392981377767"
},
"deprecated": false,
"id": "CVE-2026-33995-d33542d4",
"signature_version": "v1",
"target": {
"function": "kerberos_InitializeSecurityContextA",
"file": "winpr/libwinpr/sspi/Kerberos/kerberos.c"
},
"signature_type": "Function"
},
{
"source": "https://github.com/freerdp/freerdp/commit/8078b8af1359055972e4fb2f509f543b69169391",
"digest": {
"threshold": 0.9,
"line_hashes": [
"217586671321554574065959413365611393968",
"308582910469320627012927898922844089219",
"100166094569979141808765323516169208787",
"41095444624887877047891693996250538800",
"311441037002487662481739116322233356500",
"299269439459581963254589561313877265661",
"175618416166413878980166313439706213259",
"260846052665685233760030346720121640987",
"202748697251186895252788779605631909172",
"318848311342423097599802697677580419778",
"283874301775982079606497583352365769128",
"132657907370772565903691877750266405233"
]
},
"deprecated": false,
"id": "CVE-2026-33995-de8762ab",
"signature_version": "v1",
"target": {
"file": "winpr/libwinpr/sspi/Schannel/schannel.c"
},
"signature_type": "Line"
},
{
"source": "https://github.com/freerdp/freerdp/commit/8078b8af1359055972e4fb2f509f543b69169391",
"digest": {
"threshold": 0.9,
"line_hashes": [
"27499655661146415658839517238247150353",
"311118092638390291722404035300917828565",
"116039324683008459574054061619094612054",
"128316517213267724743230035612824363774",
"220083994263434457384144194219609688333",
"129318752196716762278984930001337910995",
"228282260635999545426479861027628897699"
]
},
"deprecated": false,
"id": "CVE-2026-33995-fbd7e824",
"signature_version": "v1",
"target": {
"file": "winpr/libwinpr/sspi/NTLM/ntlm.c"
},
"signature_type": "Line"
}
]
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-33995.json"