Overview

File freerdp-CVE-2026-22857.patch of Package freerdp.42881

From e99e33aea8c5e480e224f4a167947dfacf4584a2 Mon Sep 17 00:00:00 2001
From: akallabeth <akallabeth@posteo.net>
Date: Sun, 11 Jan 2026 09:12:37 +0100
Subject: [PATCH] [channels,serial] fix use after free

---
 channels/serial/client/serial_main.c | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

Index: freerdp-2.11.7/channels/serial/client/serial_main.c
===================================================================
--- freerdp-2.11.7.orig/channels/serial/client/serial_main.c
+++ freerdp-2.11.7/channels/serial/client/serial_main.c
@@ -489,12 +489,13 @@ static UINT serial_process_irp(SERIAL_DE
 static DWORD WINAPI irp_thread_func(LPVOID arg)
 {
 	IRP_THREAD_DATA* data = (IRP_THREAD_DATA*)arg;
-	UINT error;
 
 	/* blocks until the end of the request */
-	if ((error = serial_process_irp(data->serial, data->irp)))
+	UINT error = serial_process_irp(data->serial, data->irp);
+	if (error)
 	{
 		WLog_ERR(TAG, "serial_process_irp failed with error %" PRIu32 "", error);
+		data->irp->Discard(data->irp);
 		goto error_out;
 	}
openSUSE Build Service is sponsored by
Places