ALSA-2026:6799

[ALSA-2026:6799] Important: freerdp security update

Type:

security

Severity:

important

Release date:

2026-04-09

Description:

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.  

Security Fix(es):  

  * freerdp: FreeRDP heap-use-after-free (CVE-2026-22856)
  * freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22854)
  * freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22852)
  * freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow (CVE-2026-23732)
  * freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation (CVE-2026-24676)
  * freerdp: FreeRDP has a heap-use-after-free in video_timer (CVE-2026-24491)
  * freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2() (CVE-2026-23948)
  * freerdp: FreeRDP has a Heap-use-after-free in play_thread (CVE-2026-24684)
  * freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb (CVE-2026-24681)
  * freerdp: FreeRDP has a Heap-buffer-overflow in audio_formats_free (CVE-2026-24682)
  * freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event (CVE-2026-24683)
  * freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface (CVE-2026-24679)
  * freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface (CVE-2026-24675)
  * freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages (CVE-2026-31806)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	libwinpr-devel-3.10.3-5.el10_1.5.aarch64.rpm	5149f66043f01f9be0d8d69d2b6f03bf22a3ea229626266d8f553ebcb12b6681
aarch64	freerdp-3.10.3-5.el10_1.5.aarch64.rpm	8fd1361b296f7554248e6d08ed72b04352964aa43d1804a5e3b38ba264dbb137
aarch64	freerdp-devel-3.10.3-5.el10_1.5.aarch64.rpm	93f4128ddb76c5707846acb3f4fc3adc0439fd3d9e4bed5646497e9f9b4b0e6e
aarch64	freerdp-server-3.10.3-5.el10_1.5.aarch64.rpm	9bf8fe2e172d350425ade52c014c230a4f45fc9d5efcc65f7d1b2499fab81a51
aarch64	freerdp-libs-3.10.3-5.el10_1.5.aarch64.rpm	b379aa50b131e27de3b09837d0c465f35654c0e7d56e01da1959f9489e5d2341
aarch64	libwinpr-3.10.3-5.el10_1.5.aarch64.rpm	d34200f364e7beba514e0517287a55e91c482cebacf38a7386dedc90f0c4e1b9
ppc64le	freerdp-3.10.3-5.el10_1.5.ppc64le.rpm	0febb42420047423355647eb94b3584c0e635ff114c0e5d27529b22180618a2f
ppc64le	libwinpr-3.10.3-5.el10_1.5.ppc64le.rpm	145fb1720f1db3527499e2acd3ca268fe0b6fdbe1659e46f51603e9896322133
ppc64le	freerdp-libs-3.10.3-5.el10_1.5.ppc64le.rpm	9e49598ded0fef2e3af2e057956c0941fdbb5e364eca53bc31088b2ad483b4b2
ppc64le	libwinpr-devel-3.10.3-5.el10_1.5.ppc64le.rpm	b9d3d25ed65a9b03dfa04b99c6ce9944a300ba5c570cd734b60574ea2dbbf8c5
ppc64le	freerdp-devel-3.10.3-5.el10_1.5.ppc64le.rpm	cc62a6e0dfd4d437e5507dd7fc503b7af19ace6c7603c6966bb92b8bd887f3bf
ppc64le	freerdp-server-3.10.3-5.el10_1.5.ppc64le.rpm	e2a0bdf22545ea09db7a530828f106abdb21ae1b6336e80b42a668f65196f56b
s390x	libwinpr-devel-3.10.3-5.el10_1.5.s390x.rpm	04aa46560f90990239bbab2e205008b6a3322d0864e2a26feb4c84d5bc9a21fe
s390x	libwinpr-3.10.3-5.el10_1.5.s390x.rpm	3684f7f1446b3c6528daed9437527df05641b740fee629b7c39ebb828c7892dd
s390x	freerdp-devel-3.10.3-5.el10_1.5.s390x.rpm	463572b5dc9f6c8e1471b28e02a9b7eb62c9e7900b4b79bec090773768efa3e0
s390x	freerdp-server-3.10.3-5.el10_1.5.s390x.rpm	8c069fc525e903574a5f31bc23bb265abb789e4eb0f3d21b0334025d2003a761
s390x	freerdp-3.10.3-5.el10_1.5.s390x.rpm	d71406ef5b1e35ba60e9072728600366f307fb30bc9c2139cd6feb16e7ac487a
s390x	freerdp-libs-3.10.3-5.el10_1.5.s390x.rpm	fca8d702916403095b74ad89c8ab3acb6c748c2bd2d5b8d675b1c91fa094e43a
x86_64	freerdp-3.10.3-5.el10_1.5.x86_64.rpm	05f27c9b49eaca37b39571217d5182d727a2231fe8aa89e37f78c7373de32605
x86_64	libwinpr-3.10.3-5.el10_1.5.x86_64.rpm	183367dc1b4f4578099b3735eab858cda68313a189b1964da3024afb2610c602
x86_64	freerdp-devel-3.10.3-5.el10_1.5.x86_64.rpm	7e5d053f8212927ac0bdcf6d7d02b5f3da91bd226c6e775e9870edcb03fb69fe
x86_64	libwinpr-devel-3.10.3-5.el10_1.5.x86_64.rpm	9d3e9df311376a22c771725331509d7092d1d2bae72ea8a317906c1fdc4db20c
x86_64	freerdp-libs-3.10.3-5.el10_1.5.x86_64.rpm	b4815a381d78a8f06652a90b4f9acf2fec4445af33e0343e051627ba6153028d
x86_64	freerdp-server-3.10.3-5.el10_1.5.x86_64.rpm	e6d6a2ebe0d97e4caaea826017335348d69a39303b99456cc28e0d75b7288860
x86_64_v2	freerdp-3.10.3-5.el10_1.5.x86_64_v2.rpm	06d0a7860cd9031371470a7ec495f819b4fa871cdfedcb78b525c69ab1151aca
x86_64_v2	freerdp-libs-3.10.3-5.el10_1.5.x86_64_v2.rpm	0dc9463722cd1df4944eb670278f9416e92cc514e15c5a080e672b0dbfb5dd66
x86_64_v2	libwinpr-devel-3.10.3-5.el10_1.5.x86_64_v2.rpm	27a3394c5b7c16b8034dcb0de119e03af11e2f4fdd4db7be6551256de229b7bf
x86_64_v2	freerdp-devel-3.10.3-5.el10_1.5.x86_64_v2.rpm	472c2917ed65ff4d366760abb925e86241c1378221e7189ae5484087d75484fa
x86_64_v2	libwinpr-3.10.3-5.el10_1.5.x86_64_v2.rpm	4c619e4bb24ff7861dbd6a8b6b5dcc0ffc00eca2a61feea63d9498aad562796c
x86_64_v2	freerdp-server-3.10.3-5.el10_1.5.x86_64_v2.rpm	9ac4e4d591690ed25ed723d80c475dafb7ae11fb03e65854008ae0c1070de336

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.