CVE-2026-56297

Public on 2026-07-08
Modified on 2026-07-10
Description
FreeRDP before 3.22.0 contains a use-after-free vulnerability in dvcman_channel_close and dvcman_call_on_receive due to improper synchronization of channel_callback access. A malicious RDP server can trigger a race condition by sending DYNVC_DATA and DYNVC_CLOSE messages concurrently, causing heap-use-after-free in the drdynvc client thread and potentially enabling remote code execution or denial of service.
Severity
Important severity
Important
See what this means
CVSS v3 Base Score
8.1
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 2 - Core freerdp Pending Fix
Amazon Linux 2023 freerdp Pending Fix

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv3 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
NVD CVSSv3 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H