DEBIAN-CVE-2026-27015
- Source
- https://security-tracker.debian.org/tracker/CVE-2026-27015
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2026-27015.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2026-27015
- Upstream
- Published
- 2026-02-25T21:16:43.203Z
- Modified
- 2026-03-11T07:38:16.555727Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a missing bounds check in
smartcard_unpack_read_size_align()(libfreerdp/utils/smartcard_pack.c:1703) allows a malicious RDP server to crash the FreeRDP client via a reachableWINPR_ASSERT→abort(). The crash occurs in upstream builds whereWITH_VERBOSE_WINPR_ASSERT=ON(default in FreeRDP 3.22.0 / current WinPR CMake defaults). Smartcard redirection must be explicitly enabled by the user (e.g.,xfreerdp /smartcard;/smartcard-logonimplies/smartcard). Version 3.23.0 fixes the issue. - References
Affected packages
Debian:11 / freerdp2
Package
- Name
- freerdp2
- Purl
- pkg:deb/debian/freerdp2?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.3.0+dfsg1-2
2.3.0+dfsg1-2+deb11u1
2.3.0+dfsg1-2+deb11u2
2.3.0+dfsg1-2+deb11u3
2.4.1+dfsg1-1
2.5.0+dfsg1-1
2.6.0+dfsg1-1
2.6.1+dfsg1-1
2.6.1+dfsg1-2
2.6.1+dfsg1-3~bpo11+1
2.6.1+dfsg1-3
2.7.0+dfsg1-1~bpo11+1
2.7.0+dfsg1-1
2.8.0+dfsg1-1
2.8.1+dfsg1-1~bpo11+1
2.8.1+dfsg1-1
2.9.0+dfsg1-1~bpo11+1
2.9.0+dfsg1-1
2.10.0+dfsg1-1~bpo11+1
2.10.0+dfsg1-1
2.10.0+dfsg1-1.1
2.11.2+dfsg1-1
2.11.2+dfsg1-1.1~exp1
2.11.2+dfsg1-1.1~exp2
2.11.5+dfsg1-1
2.11.7+dfsg1-1
2.11.7+dfsg1-2
2.11.7+dfsg1-3
2.11.7+dfsg1-4
2.11.7+dfsg1-5
2.11.7+dfsg1-6~deb12u1
2.11.7+dfsg1-6
Debian:12 / freerdp2
Package
- Name
- freerdp2
- Purl
- pkg:deb/debian/freerdp2?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Debian:13 / freerdp3
Package
- Name
- freerdp3
- Purl
- pkg:deb/debian/freerdp3?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
3.*
3.15.0+dfsg-2.1
3.16.0+dfsg-1
3.16.0+dfsg-2
3.17.0+dfsg-1
3.17.1+dfsg-1
3.17.1+dfsg-2
3.17.2+dfsg-1
3.17.2+dfsg-2
3.17.2+dfsg-3
3.18.0+dfsg-1
3.19.0+dfsg-1
3.19.1+dfsg-1
3.20.0+dfsg-1
3.20.2+dfsg-1
3.21.0+dfsg-1
3.22.0+dfsg-1~bpo13+0
3.22.0+dfsg-1~bpo13+1
3.22.0+dfsg-1
3.22.0+dfsg-3
3.23.0+dfsg-1~bpo13+1
3.23.0+dfsg-1
Debian:14 / freerdp3
Package
- Name
- freerdp3
- Purl
- pkg:deb/debian/freerdp3?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.23.0+dfsg-1
Affected versions
3.*
3.15.0+dfsg-2.1
3.16.0+dfsg-1
3.16.0+dfsg-2
3.17.0+dfsg-1
3.17.1+dfsg-1
3.17.1+dfsg-2
3.17.2+dfsg-1
3.17.2+dfsg-2
3.17.2+dfsg-3
3.18.0+dfsg-1
3.19.0+dfsg-1
3.19.1+dfsg-1
3.20.0+dfsg-1
3.20.2+dfsg-1
3.21.0+dfsg-1
3.22.0+dfsg-1~bpo13+0
3.22.0+dfsg-1~bpo13+1
3.22.0+dfsg-1
3.22.0+dfsg-3
3.23.0+dfsg-1~bpo13+1