CVE-2026-44420 - FreeRDP cliprdr server heap overflow

FreeRDP before 3.26.0 can corrupt heap memory in the server-side clipboard redirection channel. A malicious RDP client that reaches a FreeRDP-based server with cliprdr enabled can send an undersized capability set length during the clipboard capability exchange, causing a small allocation followed by a larger structure write.

At minimum, this is a remote server crash. The advisory rates the impact as High because heap corruption may be exploitable for code execution depending on allocator behavior and build hardening.

When to use it

Use this recipe when a product, appliance, remote-support service, or CI image embeds FreeRDP server components or exposes RDP clipboard redirection. It supports source-code remediation, exposed-service hardening, configuration review, and audit evidence that untrusted RDP clients cannot reach vulnerable cliprdr server handling.

Inputs

  • FreeRDP version, package manifests, container images, server configuration, clipboard redirection settings, and network exposure.
  • Source/config paths that enable cliprdr, start FreeRDP server mode, package RDP services, or document remote clipboard support.
  • Non-exploit validation fixtures for version resolution, disabled clipboard redirection, allowed client profiles, and network reachability.
  • Boundary evidence: reachable RDP endpoints, authentication controls, build hardening, crash telemetry, and rollout owner.

Affected versions

  • Vulnerable: FreeRDP <=3.25.0
  • Fixed: FreeRDP 3.26.0+
  • Affected surface: FreeRDP-based servers with the server-side cliprdr clipboard channel reachable by RDP clients
  • Not this CVE: FreeRDP client-side RDPGFX CacheToSurface issues have separate CVE/GHSA identifiers, even though 3.26.0 is also the patched release line for those late-May FreeRDP advisories.

Indicator-of-exposure

  • The repository builds, vendors, packages, or deploys FreeRDP <=3.25.0.
  • Server-side FreeRDP components, proxy/shadow services, test harnesses, remote desktop gateways, or appliance images enable clipboard redirection.
  • RDP clients outside a fully trusted admin group can reach the service.
  • The FreeRDP server process has access to desktop sessions, secrets, credentials, shared drives, jump-host networks, or management APIs.
  • Container, distro, or appliance packages lag behind upstream FreeRDP 3.26.0.

Quick checks:

rg -n "freerdp|FreeRDP|xfreerdp|wfreerdp|cliprdr|clipboard|WITH_SERVER|WITH_SHADOW|WITH_PROXY|rdp|3389" .
pkg-config --modversion freerdp3
xfreerdp /version
docker image ls | rg 'freerdp|rdp|remote'

Windows:

rg -n "freerdp|FreeRDP|xfreerdp|wfreerdp|cliprdr|clipboard|WITH_SERVER|WITH_SHADOW|WITH_PROXY|rdp|3389" .
where xfreerdp
xfreerdp /version
docker image ls | rg 'freerdp|rdp|remote'

Do not run the advisory proof of concept, fuzz live RDP services, or send malformed clipboard PDUs during repository triage.

Remediation strategy

  • Upgrade every repository-controlled FreeRDP build, vendored source checkout, package pin, base image, appliance image, and SBOM entry to 3.26.0+.
  • Refresh package checksums, CMake build metadata, container layers, distro package manifests, generated dependency reports, and deployment docs.
  • Disable server-side clipboard redirection by default for internet-facing, partner-facing, shared, or tenant-facing RDP services unless explicitly required and reviewed.
  • Restrict RDP reachability to trusted networks and authenticated users while rollout completes.
  • If a vulnerable server was exposed to untrusted RDP clients, treat crashes or unusual clipboard channel activity as incident signals and review logs before rotating credentials available to the session host.

The prompt

You are remediating CVE-2026-44420 / GHSA-mvpx-xj7r-3p3r, a FreeRDP
server-side cliprdr heap-buffer-overflow reachable by a malicious RDP client.
Produce exactly one output:

- A reviewer-ready PR/change request that upgrades all repository-controlled
  FreeRDP server builds or packages to 3.26.0+, disables unnecessary
  server-side clipboard redirection, adds safe regression checks, and documents
  operator cleanup, or
- TRIAGE.md if this repository does not own an affected FreeRDP server,
  package, image, or deployment artifact.

## Rules

- Scope only CVE-2026-44420 / GHSA-mvpx-xj7r-3p3r and directly related FreeRDP
  server-side clipboard exposure.
- Treat desktop session data, clipboard contents, credentials, jump-host
  routes, private hostnames, RDP recordings, crash dumps, and service logs as
  sensitive.
- Do not run public proof-of-concept code, fuzz live RDP services, send
  malformed clipboard PDUs, capture user clipboard contents, or expose RDP
  services for testing.
- Do not disable authentication, authorization, TLS, network allow-lists,
  session isolation, crash monitoring, or tests to make the alert disappear.
- Do not auto-merge.

## Steps

1. Inventory every FreeRDP surface controlled by this repository: vendored
   source, submodules, CMake options, package manager pins, distro packages,
   Dockerfiles, base images, appliance manifests, Helm charts, Kubernetes
   manifests, compose files, SBOMs, generated dependency reports, test
   harnesses, shadow/proxy services, and RDP gateway configs.
2. Determine every resolved FreeRDP version. A target is vulnerable if it
   resolves to `3.25.0` or earlier and provides server-side FreeRDP components.
3. Search for clipboard and server exposure:
   `cliprdr`, clipboard redirection flags, `WITH_SERVER`, `WITH_SHADOW`,
   `WITH_PROXY`, `3389`, RDP ingress, remote desktop gateway routes, partner
   access, test servers, and appliance defaults.
4. If this repository only contains an RDP client, docs, or a scanner finding
   for an externally owned server image, stop with `TRIAGE.md` naming checked
   evidence, external owner, and required fixed version.
5. Upgrade all controlled FreeRDP builds and packages to `3.26.0+`. Refresh
   package checksums, lockfiles, generated manifests, image digests, SBOMs,
   dependency reports, release notes, and deployment docs.
6. Harden server exposure where this repo owns configuration:
   - disable clipboard redirection by default unless it is explicitly required;
   - require an owner and documented exception for exposed cliprdr use;
   - restrict RDP ingress to trusted networks and authenticated users;
   - keep crash reporting and channel-level telemetry enabled without logging
     clipboard content.
7. Add safe regression checks that do not exploit the bug:
   - resolved FreeRDP version is `3.26.0+`;
   - server images do not expose clipboard redirection by default;
   - RDP ingress is restricted to approved networks or identity gates;
   - SBOMs and generated dependency reports agree with the fixed package.
8. Add a PR body section named `CVE-2026-44420 operator actions` that states:
   - FreeRDP versions before and after;
   - which server-side FreeRDP components are present;
   - whether clipboard redirection remains enabled and who approved it;
   - which RDP services were reachable by untrusted clients;
   - whether crash logs, RDP gateway logs, or clipboard channel telemetry need
     review;
   - which validation commands passed.
9. If immediate upgrade is blocked, add temporary containment where this repo
   controls it:
   - disable server-side clipboard redirection;
   - restrict RDP access to trusted networks or a VPN;
   - remove public/partner ingress;
   - document owner, expiration, and residual risk because containment is not a
     complete fix.
10. Run available validation: package install or build, CMake configure/build
    checks, unit/integration tests without malformed PDUs, image build,
    deployment rendering, SBOM refresh, dependency/security scans, and config
    policy checks.
11. Use PR title:
    `fix(sec): remediate CVE-2026-44420 in FreeRDP server`.

## Stop conditions

- No repository-controlled FreeRDP server component, image, or deployment
  artifact exists.
- The affected FreeRDP binary is supplied only by a vendor appliance or
  platform image outside this repository's ownership.
- A fixed FreeRDP package cannot be consumed without a broader RDP gateway or
  base-image migration.
- Verification would require proof-of-concept packets, live service fuzzing,
  user clipboard capture, production crash dumps, or secrets.
- Validation fails for unrelated pre-existing reasons; document those failures
  instead of broadening scope.

Output contract

  • A reviewer-ready PR or change request that upgrades FreeRDP, disables clipboard redirection where exposed, adds configuration checks, and documents deployment rollout.
  • Or a TRIAGE.md file that lists inspected files, owner, observed version, RDP exposure, clipboard setting, required fix, and residual risk.
  • The output must include exact validation commands and must not send malformed RDP capability payloads, crash production services, or expose session data.

Verification - what the reviewer looks for

  • No repository-controlled server build, package pin, image, SBOM, or generated dependency report resolves FreeRDP <=3.25.0.
  • FreeRDP server-side clipboard redirection is disabled by default or has a documented owner-approved exception.
  • RDP ingress is restricted while rollout completes.
  • Regression checks do not send malformed RDP or clipboard traffic.
  • Operator notes cover log review and credential/session cleanup if vulnerable RDP servers were reachable by untrusted clients.

Watch for

  • Updating upstream source while distro packages or base images still ship an older FreeRDP binary.
  • Treating client-only scans and server-side exposure as the same finding.
  • Leaving clipboard redirection enabled in test gateways, partner appliances, or “temporary” jump-host images.
  • SBOMs that list FreeRDP libraries but omit the server/proxy/shadow binaries.
  • Validation that proves RDP still connects but never asserts the patched version or cliprdr exposure policy.

References