[ALSA-2026:19358] Moderate: freerdp security update
Type:
security
Severity:
moderate
Release date:
2026-07-02
Description:
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fix(es): * freerdp: FreeRDP: Denial of service due to use-after-free vulnerability (CVE-2026-25952) * freerdp: FreeRDP: Denial of Service via double free vulnerability during disconnect (CVE-2026-26986) * freerdp: FreeRDP: Denial of Service via endless blocking loop in Stream_EnsureCapacity (CVE-2026-27951) * freerdp: FreeRDP has a heap-buffer-overflow in bitmap_cache_put via OOB cacheId (CVE-2026-29775) * freerdp: FreeRDP has an out-of-bounds read in ADPCM decoders due to missing predictor/step_index bounds checks (CVE-2026-31885) * freerdp: FreeRDP has a division-by-zero in ADPCM decoders when `nBlockAlign` is 0 (CVE-2026-31884) * freerdp: FreeRDP: Denial of Service via crafted audio data in RDP (CVE-2026-31883) * FreeRDP: FreeRDP: Information disclosure via heap memory out of bounds read (CVE-2026-33985) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 libwinpr-devel-2.11.7-7.el9_8.3.aarch64.rpm 31d5406590234c676e2200e35f569fc8da85ea689922956a7a65ac410cf56745
aarch64 freerdp-devel-2.11.7-7.el9_8.3.aarch64.rpm 54622ac61d2ecdced9c05565ae6546c339bcee6a050e8e04a7d1887d1a90833d
aarch64 freerdp-2.11.7-7.el9_8.3.aarch64.rpm c038edb1758d2105c6edd0349431248fe7640b65590d26595c920e390a546b31
aarch64 freerdp-libs-2.11.7-7.el9_8.3.aarch64.rpm ca5f86860622b8a6e31646909717fe1a9c6dd548abdeaedec5230e024f7bcb4e
aarch64 libwinpr-2.11.7-7.el9_8.3.aarch64.rpm e323abaf5b7bd441491f0eeb1140649c830907ced73485bdbcdaa676941d9c3b
i686 libwinpr-2.11.7-7.el9_8.3.i686.rpm 3bc785f8aab8383c0e35fbcb19bf183faabecffa3a634e118949c9a51e7c625a
i686 libwinpr-devel-2.11.7-7.el9_8.3.i686.rpm 9e7cb7cf1e40b12eeef4e21d54968e2513f9eca938ad8cca4bc87a18d594a09f
i686 freerdp-libs-2.11.7-7.el9_8.3.i686.rpm cd7c87a2a6c9a4efc46d653db6539bb9bfac04ad63257f0bc11239ea263f573b
i686 freerdp-devel-2.11.7-7.el9_8.3.i686.rpm eb4a161af6faaa4f343cc3f69ee1778cd1aaa863043ee82406ad2a16c6766fcf
ppc64le libwinpr-devel-2.11.7-7.el9_8.3.ppc64le.rpm 09b0e40947f11b2a0679899d4d9b5ee48eeff157a34b3bb8fc636a5a5c60f9bd
ppc64le freerdp-devel-2.11.7-7.el9_8.3.ppc64le.rpm 46f060618d7c322d1b1bad47adde4b3df2e4c8cbd271b40f0b71311a4d0f8a7b
ppc64le libwinpr-2.11.7-7.el9_8.3.ppc64le.rpm ca2e7834242661103b17ed46f6df19884236f3cf8f2137d2e5f33981bc547f44
ppc64le freerdp-2.11.7-7.el9_8.3.ppc64le.rpm eba621379db9a3a8cb17342a2142e51543c31fdc0a2b25f00e346f6eb8c2ceb4
ppc64le freerdp-libs-2.11.7-7.el9_8.3.ppc64le.rpm ef88d7d3bf839e0337c2ea49fb8b8d1f97b251f180debaaaf9ab82b424372c7e
s390x freerdp-devel-2.11.7-7.el9_8.3.s390x.rpm 0d6765ea38a8cbdf3c24b41a30e6ef675df701cd7e4f99a8cbd38327f311b189
s390x libwinpr-devel-2.11.7-7.el9_8.3.s390x.rpm 348d3b4ac5e51b6ff7347914ae6131790ccf891aa53f306a5c6811761eadfff3
s390x libwinpr-2.11.7-7.el9_8.3.s390x.rpm 6131ca27f10b373c8d1112810a1f18916721e36548d64a41383aeafb3514b225
s390x freerdp-2.11.7-7.el9_8.3.s390x.rpm 6fae81ad78822669ef03e69e80c1db4d5ee358491921aa6706127f9df9d68c25
s390x freerdp-libs-2.11.7-7.el9_8.3.s390x.rpm fb2684fd228ba385f575a67bfe7dcaf602e8e31355e84313a8de7dd3b06d1dea
x86_64 freerdp-libs-2.11.7-7.el9_8.3.x86_64.rpm 1fb8f665c2e3a91902fca606e394d074321717384d9d8f74f03e4e75e0212858
x86_64 libwinpr-2.11.7-7.el9_8.3.x86_64.rpm 831326f6e5a8443a01dcded038207526b67c0ab52b728ee8edccd8daa21fd7a7
x86_64 libwinpr-devel-2.11.7-7.el9_8.3.x86_64.rpm 898e48146a2ab97692d63b0887543b95b8c74642c2bf6b08244e21429dec7f0b
x86_64 freerdp-2.11.7-7.el9_8.3.x86_64.rpm b5a444ec24d086e38e6a2c24f546108a91a98e1ff581a0a32a9b01ae0aa44d4e
x86_64 freerdp-devel-2.11.7-7.el9_8.3.x86_64.rpm cd9633cbe4ae58a38f0a5111d32020bf3cd694d32bda7cab93e8aac1a9f51a26
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.