diff --git a/meta-oe/recipes-support/freerdp/freerdp/CVE-2023-39350.patch b/meta-oe/recipes-support/freerdp/freerdp/CVE-2023-39350.patch
new file mode 100644
index 0000000000..62599ba01f
--- /dev/null
+++ b/meta-oe/recipes-support/freerdp/freerdp/CVE-2023-39350.patch
@@ -0,0 +1,42 @@
+From 31ede2c7f721cb32a4a4c7ec843e9ddafb69ba53 Mon Sep 17 00:00:00 2001
+From: akallabeth
+Date: Fri, 4 Aug 2023 13:55:40 +0200
+Subject: [PATCH] fix possible out of bound read
+
+Allows malicious servers to crash FreeRDP based clients
+reported by pwn2carr
+
+(cherry picked from commit a51952882f2eb3bbce6b69a7a4f9a54bf1dbb672)
+
+CVE: CVE-2023-39350
+Upstream-Status: Backport [https://github.com/FreeRDP/FreeRDP/commit/7ece410ce5b5660b9191e1ccb6835158afa11822]
+Signed-off-by: Gyorgy Sarvari
+---
+ libfreerdp/codec/rfx.c | 14 ++++++++++++--
+ 1 file changed, 12 insertions(+), 2 deletions(-)
+
+diff --git a/libfreerdp/codec/rfx.c b/libfreerdp/codec/rfx.c
+index 38eb1b9a4..bbd7aafa3 100644
+--- a/libfreerdp/codec/rfx.c
++++ b/libfreerdp/codec/rfx.c
+@@ -1129,8 +1129,18 @@ BOOL rfx_process_message(RFX_CONTEXT* context, const BYTE* data, UINT32 length,
+ }
+ }
+
+- Stream_StaticInit(&subStream, Stream_Pointer(s), blockLen - (6 + extraBlockLen));
+- Stream_Seek(s, blockLen - (6 + extraBlockLen));
++ const size_t blockLenNoHeader = blockLen - 6;
++ if (blockLenNoHeader < extraBlockLen)
++ {
++ WLog_Print(context->priv->log, WLOG_ERROR,
++ "blockLen too small(%" PRIu32 "), must be >= 6 + %" PRIu16, blockLen,
++ extraBlockLen);
++ return FALSE;
++ }
++
++ const size_t subStreamLen = blockLenNoHeader - extraBlockLen;
++ Stream_StaticInit(&subStream, Stream_Pointer(s), subStreamLen);
++ Stream_Seek(s, subStreamLen);
+
+ switch (blockType)
+ {
diff --git a/meta-oe/recipes-support/freerdp/freerdp_2.6.1.bb b/meta-oe/recipes-support/freerdp/freerdp_2.6.1.bb
index 7cadae3d45..a104f33e52 100644
--- a/meta-oe/recipes-support/freerdp/freerdp_2.6.1.bb
+++ b/meta-oe/recipes-support/freerdp/freerdp_2.6.1.bb
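Review bot: In the added rfx.c lines, `const size_t blockLenNoHeader = blockLen - 6;` is computed before any visible check that `blockLen` is at least 6. If `blockLen` is the unsigned 32-bit value its `PRIu32` format suggests, a smaller server-supplied length would wrap to a very large number and pass the new `blockLenNoHeader < extraBlockLen` test. The body of rfx_process_message starts and ends outside the hunk, so an earlier guard may already exist in the 2.6.1 tree; if it does not, the condition should read `if (blockLen < 6 || blockLenNoHeader < extraBlockLen)`. The new `return FALSE;` is also worth checking against the function's other error exits in 2.6.1, since a direct return would skip any cleanup those paths perform.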
@@ -21,6 +21,7 @@ SRC_URI = "git://github.com/FreeRDP/FreeRDP.git;branch=stable-2.0;protocol=https
 file://CVE-2022-24883.patch \
 file://CVE-2022-39282.patch \
 file://CVE-2022-39320.patch \
+ file://CVE-2023-39350.patch \
 "
 S = "${WORKDIR}/git"