ALSA-2026:16482

[ALSA-2026:16482] Moderate: freerdp security update

Type:

security

Severity:

moderate

Release date:

2026-05-16

Description:

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.  

Security Fix(es):  

  * freerdp: FreeRDP: Denial of service due to use-after-free vulnerability (CVE-2026-25952)
  * freerdp: FreeRDP: Denial of Service via double free vulnerability during disconnect (CVE-2026-26986)
  * freerdp: FreeRDP: Denial of Service via endless blocking loop in Stream_EnsureCapacity (CVE-2026-27951)
  * freerdp: FreeRDP has a heap-buffer-overflow in bitmap_cache_put via OOB cacheId (CVE-2026-29775)
  * freerdp: FreeRDP has an out-of-bounds read in ADPCM decoders due to missing predictor/step_index bounds checks (CVE-2026-31885)
  * freerdp: FreeRDP has a division-by-zero in ADPCM decoders when `nBlockAlign` is 0 (CVE-2026-31884)
  * freerdp: FreeRDP: Denial of Service via crafted audio data in RDP (CVE-2026-31883)
  * FreeRDP: FreeRDP: Information disclosure via heap memory out of bounds read (CVE-2026-33985)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	freerdp-devel-2.11.7-1.el9_7.7.aarch64.rpm	a753a5abb496fcd2b7a90cb1d4862ee66af4099102cf154f9b42a62e1b0889a8
aarch64	freerdp-2.11.7-1.el9_7.7.aarch64.rpm	b37ee9f852b4929b903a6f45376c08236ca901b43f7ef294d5d46e150a370a3f
aarch64	freerdp-libs-2.11.7-1.el9_7.7.aarch64.rpm	baf66dcf97fe8cd98461742927d084ae5adcfdba523eb67c6d9926aecdf718fe
aarch64	libwinpr-2.11.7-1.el9_7.7.aarch64.rpm	c852bc907a8b38df4e8b1cb17af250354afefa87bf21b97669058db58f504853
aarch64	libwinpr-devel-2.11.7-1.el9_7.7.aarch64.rpm	cb70bac30e0c00c7d0784eae7f76b72ce05d62e127a7b62f1505f7db91e5ca16
i686	libwinpr-devel-2.11.7-1.el9_7.7.i686.rpm	1ec24d932fb47bb0c8d0d90f58e9e9ecdd23bfd33ca87e34af276633170fb21f
i686	libwinpr-2.11.7-1.el9_7.7.i686.rpm	a479de216c5eec50d434dfaa21fd25265b5bd2230427d5a2ae350337d376b246
i686	freerdp-libs-2.11.7-1.el9_7.7.i686.rpm	b29973b999b227b5bd40039a20a112559dcfe336acf5c86760279d854fbee3ea
i686	freerdp-devel-2.11.7-1.el9_7.7.i686.rpm	fcc63505a26c06704293a30f8cd3fb4b706c6c0716cf11592ad5e8e3b62bc0f1
ppc64le	freerdp-devel-2.11.7-1.el9_7.7.ppc64le.rpm	384959465584d675462b54edaf903dbbe665a00b7bbbb543abfbad43a63ebad2
ppc64le	freerdp-libs-2.11.7-1.el9_7.7.ppc64le.rpm	767c9e7bb65ab984636f5eb721f4ea7746f0412d3177cb15495e7d5e6c98dbf0
ppc64le	libwinpr-devel-2.11.7-1.el9_7.7.ppc64le.rpm	8dc4c8de6cec7895239d163d448caf1c3044785c29bf1ad4a1cedb02ff1e172e
ppc64le	freerdp-2.11.7-1.el9_7.7.ppc64le.rpm	ae08b62595ed60e579ef6ec4c86ac90a5d09fd3d49babbe114fcf4c82999c954
ppc64le	libwinpr-2.11.7-1.el9_7.7.ppc64le.rpm	c3227f38eb2cc2d6cffc3f991722d15708e8160f76277c3d26811bd7cf12e224
s390x	libwinpr-2.11.7-1.el9_7.7.s390x.rpm	1381a88d375f5e62e443ebb0ef10d72952acc9501149253de3f1dc9a57829206
s390x	freerdp-2.11.7-1.el9_7.7.s390x.rpm	4ded3a7724f16454f94bdb1b617caf5da7f3def6fdf06c8ac93dafda9af31446
s390x	libwinpr-devel-2.11.7-1.el9_7.7.s390x.rpm	55515246ccf85418115dec240c78020e8d61edc88e8efbf32c93e95c31160676
s390x	freerdp-libs-2.11.7-1.el9_7.7.s390x.rpm	6aea30b311237768e6628fd1aedd8fed5c0bfcd9b8c087793e25b1d0d9bbf250
s390x	freerdp-devel-2.11.7-1.el9_7.7.s390x.rpm	c1c8947e6254a948eda31eb4cbb2fcddc9665a29a79a34874f3c38f879d6a9f7
x86_64	freerdp-devel-2.11.7-1.el9_7.7.x86_64.rpm	661031718af72d9dd48b09bad7979f16e196364b14cf3899b2a8e443700e6877
x86_64	freerdp-2.11.7-1.el9_7.7.x86_64.rpm	75a94f94acf18d25bb33b2626d6dc1d62fa16278dfba4705173227c18b5ebe7d
x86_64	libwinpr-2.11.7-1.el9_7.7.x86_64.rpm	81792b2ec8b35fac45e98d0ea6ef0abf0d9e0f343d0eeba750b18e9fe26338a2
x86_64	libwinpr-devel-2.11.7-1.el9_7.7.x86_64.rpm	ec822104b938ca04440b337f3a7e2e28ac4b5e81b0abaa0335d55e7180beeee5
x86_64	freerdp-libs-2.11.7-1.el9_7.7.x86_64.rpm	fa67b1381b2d213fdf846b4e1a2d081ef4d402fa063fb64808d8b4ba87abb2cc

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.