CVE-2026-44420 - FreeRDP cliprdr server heap overflow
FreeRDP before 3.26.0 can corrupt heap memory in the server-side clipboard
redirection channel. A malicious RDP client that reaches a FreeRDP-based server
with cliprdr enabled can send an undersized capability set length during the
clipboard capability exchange, causing a small allocation followed by a larger
structure write.
At minimum, this is a remote server crash. The advisory rates the impact as High because heap corruption may be exploitable for code execution depending on allocator behavior and build hardening.
When to use it
Use this recipe when a product, appliance, remote-support service, or CI image
embeds FreeRDP server components or exposes RDP clipboard redirection. It
supports source-code remediation, exposed-service hardening, configuration
review, and audit evidence that untrusted RDP clients cannot reach vulnerable
cliprdr server handling.
Inputs
- FreeRDP version, package manifests, container images, server configuration, clipboard redirection settings, and network exposure.
- Source/config paths that enable
cliprdr, start FreeRDP server mode, package RDP services, or document remote clipboard support. - Non-exploit validation fixtures for version resolution, disabled clipboard redirection, allowed client profiles, and network reachability.
- Boundary evidence: reachable RDP endpoints, authentication controls, build hardening, crash telemetry, and rollout owner.
Affected versions
- Vulnerable: FreeRDP
<=3.25.0 - Fixed: FreeRDP
3.26.0+ - Affected surface: FreeRDP-based servers with the server-side
cliprdrclipboard channel reachable by RDP clients - Not this CVE: FreeRDP client-side RDPGFX CacheToSurface issues have
separate CVE/GHSA identifiers, even though
3.26.0is also the patched release line for those late-May FreeRDP advisories.
Indicator-of-exposure
- The repository builds, vendors, packages, or deploys FreeRDP
<=3.25.0. - Server-side FreeRDP components, proxy/shadow services, test harnesses, remote desktop gateways, or appliance images enable clipboard redirection.
- RDP clients outside a fully trusted admin group can reach the service.
- The FreeRDP server process has access to desktop sessions, secrets, credentials, shared drives, jump-host networks, or management APIs.
- Container, distro, or appliance packages lag behind upstream FreeRDP
3.26.0.
Quick checks:
rg -n "freerdp|FreeRDP|xfreerdp|wfreerdp|cliprdr|clipboard|WITH_SERVER|WITH_SHADOW|WITH_PROXY|rdp|3389" .
pkg-config --modversion freerdp3
xfreerdp /version
docker image ls | rg 'freerdp|rdp|remote'
Windows:
rg -n "freerdp|FreeRDP|xfreerdp|wfreerdp|cliprdr|clipboard|WITH_SERVER|WITH_SHADOW|WITH_PROXY|rdp|3389" .
where xfreerdp
xfreerdp /version
docker image ls | rg 'freerdp|rdp|remote'
Do not run the advisory proof of concept, fuzz live RDP services, or send malformed clipboard PDUs during repository triage.
Remediation strategy
- Upgrade every repository-controlled FreeRDP build, vendored source checkout,
package pin, base image, appliance image, and SBOM entry to
3.26.0+. - Refresh package checksums, CMake build metadata, container layers, distro package manifests, generated dependency reports, and deployment docs.
- Disable server-side clipboard redirection by default for internet-facing, partner-facing, shared, or tenant-facing RDP services unless explicitly required and reviewed.
- Restrict RDP reachability to trusted networks and authenticated users while rollout completes.
- If a vulnerable server was exposed to untrusted RDP clients, treat crashes or unusual clipboard channel activity as incident signals and review logs before rotating credentials available to the session host.
The prompt
You are remediating CVE-2026-44420 / GHSA-mvpx-xj7r-3p3r, a FreeRDP
server-side cliprdr heap-buffer-overflow reachable by a malicious RDP client.
Produce exactly one output:
- A reviewer-ready PR/change request that upgrades all repository-controlled
FreeRDP server builds or packages to 3.26.0+, disables unnecessary
server-side clipboard redirection, adds safe regression checks, and documents
operator cleanup, or
- TRIAGE.md if this repository does not own an affected FreeRDP server,
package, image, or deployment artifact.
## Rules
- Scope only CVE-2026-44420 / GHSA-mvpx-xj7r-3p3r and directly related FreeRDP
server-side clipboard exposure.
- Treat desktop session data, clipboard contents, credentials, jump-host
routes, private hostnames, RDP recordings, crash dumps, and service logs as
sensitive.
- Do not run public proof-of-concept code, fuzz live RDP services, send
malformed clipboard PDUs, capture user clipboard contents, or expose RDP
services for testing.
- Do not disable authentication, authorization, TLS, network allow-lists,
session isolation, crash monitoring, or tests to make the alert disappear.
- Do not auto-merge.
## Steps
1. Inventory every FreeRDP surface controlled by this repository: vendored
source, submodules, CMake options, package manager pins, distro packages,
Dockerfiles, base images, appliance manifests, Helm charts, Kubernetes
manifests, compose files, SBOMs, generated dependency reports, test
harnesses, shadow/proxy services, and RDP gateway configs.
2. Determine every resolved FreeRDP version. A target is vulnerable if it
resolves to `3.25.0` or earlier and provides server-side FreeRDP components.
3. Search for clipboard and server exposure:
`cliprdr`, clipboard redirection flags, `WITH_SERVER`, `WITH_SHADOW`,
`WITH_PROXY`, `3389`, RDP ingress, remote desktop gateway routes, partner
access, test servers, and appliance defaults.
4. If this repository only contains an RDP client, docs, or a scanner finding
for an externally owned server image, stop with `TRIAGE.md` naming checked
evidence, external owner, and required fixed version.
5. Upgrade all controlled FreeRDP builds and packages to `3.26.0+`. Refresh
package checksums, lockfiles, generated manifests, image digests, SBOMs,
dependency reports, release notes, and deployment docs.
6. Harden server exposure where this repo owns configuration:
- disable clipboard redirection by default unless it is explicitly required;
- require an owner and documented exception for exposed cliprdr use;
- restrict RDP ingress to trusted networks and authenticated users;
- keep crash reporting and channel-level telemetry enabled without logging
clipboard content.
7. Add safe regression checks that do not exploit the bug:
- resolved FreeRDP version is `3.26.0+`;
- server images do not expose clipboard redirection by default;
- RDP ingress is restricted to approved networks or identity gates;
- SBOMs and generated dependency reports agree with the fixed package.
8. Add a PR body section named `CVE-2026-44420 operator actions` that states:
- FreeRDP versions before and after;
- which server-side FreeRDP components are present;
- whether clipboard redirection remains enabled and who approved it;
- which RDP services were reachable by untrusted clients;
- whether crash logs, RDP gateway logs, or clipboard channel telemetry need
review;
- which validation commands passed.
9. If immediate upgrade is blocked, add temporary containment where this repo
controls it:
- disable server-side clipboard redirection;
- restrict RDP access to trusted networks or a VPN;
- remove public/partner ingress;
- document owner, expiration, and residual risk because containment is not a
complete fix.
10. Run available validation: package install or build, CMake configure/build
checks, unit/integration tests without malformed PDUs, image build,
deployment rendering, SBOM refresh, dependency/security scans, and config
policy checks.
11. Use PR title:
`fix(sec): remediate CVE-2026-44420 in FreeRDP server`.
## Stop conditions
- No repository-controlled FreeRDP server component, image, or deployment
artifact exists.
- The affected FreeRDP binary is supplied only by a vendor appliance or
platform image outside this repository's ownership.
- A fixed FreeRDP package cannot be consumed without a broader RDP gateway or
base-image migration.
- Verification would require proof-of-concept packets, live service fuzzing,
user clipboard capture, production crash dumps, or secrets.
- Validation fails for unrelated pre-existing reasons; document those failures
instead of broadening scope.
Output contract
- A reviewer-ready PR or change request that upgrades FreeRDP, disables clipboard redirection where exposed, adds configuration checks, and documents deployment rollout.
- Or a
TRIAGE.mdfile that lists inspected files, owner, observed version, RDP exposure, clipboard setting, required fix, and residual risk. - The output must include exact validation commands and must not send malformed RDP capability payloads, crash production services, or expose session data.
Verification - what the reviewer looks for
- No repository-controlled server build, package pin, image, SBOM, or generated
dependency report resolves FreeRDP
<=3.25.0. - FreeRDP server-side clipboard redirection is disabled by default or has a documented owner-approved exception.
- RDP ingress is restricted while rollout completes.
- Regression checks do not send malformed RDP or clipboard traffic.
- Operator notes cover log review and credential/session cleanup if vulnerable RDP servers were reachable by untrusted clients.
Watch for
- Updating upstream source while distro packages or base images still ship an older FreeRDP binary.
- Treating client-only scans and server-side exposure as the same finding.
- Leaving clipboard redirection enabled in test gateways, partner appliances, or “temporary” jump-host images.
- SBOMs that list FreeRDP libraries but omit the server/proxy/shadow binaries.
- Validation that proves RDP still connects but never asserts the patched version or cliprdr exposure policy.
Related recipes
- Source code attack surface map
- Source code supply chain build integrity audit
- NIST SSDF repository evidence check
- SAST finding triage and fix
References
- GitHub Advisory: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mvpx-xj7r-3p3r
- NVD: https://nvd.nist.gov/vuln/detail/CVE-2026-44420
- FreeRDP release 3.26.0: https://github.com/FreeRDP/FreeRDP/releases/tag/3.26.0