QwikSec

Security Database

CVE

CWE

Training

CVE-2026-25955

Published: Feb 25, 2026

Modified: Feb 26, 2026

PUBLISHED

Description

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_AppUpdateWindowFromSurface` reuses a cached `XImage` whose `data` pointer references a freed RDPGFX surface buffer, because `gdi_DeleteSurface` frees `surface->data` without invalidating the `appWindow->image` that aliases it. Version 3.23.0 fixes the issue.

Vendor	Product	Versions
FreeRDP	FreeRDP	affected `< 3.23.0`

Weaknesses (CWE)

References

https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4g54-x8v7-559x

x_refsource_CONFIRM

https://github.com/FreeRDP/FreeRDP/commit/169d358734509e82663a0d6a0085ae726d439d8e

x_refsource_MISC

https://github.com/FreeRDP/FreeRDP/blob/5c7aae27d0417b42b4806c2a5c583ca39dd9ef1e/client/X11/xf_window.c#L1484-L1492

x_refsource_MISC

https://github.com/FreeRDP/FreeRDP/blob/5c7aae27d0417b42b4806c2a5c583ca39dd9ef1e/client/X11/xf_window.c#L1494-L1500

x_refsource_MISC

https://github.com/FreeRDP/FreeRDP/blob/5c7aae27d0417b42b4806c2a5c583ca39dd9ef1e/client/X11/xf_window.c#L1528

x_refsource_MISC

https://github.com/FreeRDP/FreeRDP/blob/5c7aae27d0417b42b4806c2a5c583ca39dd9ef1e/libfreerdp/gdi/gfx.c#L1224-L1227

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.