ALSA-2026:6004

[ALSA-2026:6004] Important: freerdp security update

Type:

security

Severity:

important

Release date:

2026-03-31

Description:

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.  

Security Fix(es):  

  * freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write in RLE planar decode path (CVE-2026-26965)
  * freerdp: FreeRDP: Arbitrary code execution via heap buffer overflow in GDI surface pipeline (CVE-2026-26955)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	freerdp-devel-2.11.7-1.el9_7.3.aarch64.rpm	a1b1a2a03d6b3c6037e953c10d3b3728e55854685c335410824da0783cbadf6d
aarch64	freerdp-2.11.7-1.el9_7.3.aarch64.rpm	b9fc9ef35a5d34cefd17bd04b7a9c29d3fb6d7d02857208d4b93dc4420d6a6d6
aarch64	freerdp-libs-2.11.7-1.el9_7.3.aarch64.rpm	cc277ad25233d5ffa9bfd7fe610e14049640a884e399f36567a2d01b88be470a
aarch64	libwinpr-devel-2.11.7-1.el9_7.3.aarch64.rpm	ded9af673cb75dff7a08e21f1472c93e42b88f908a3d0ff9726d6ab9dfab75eb
aarch64	libwinpr-2.11.7-1.el9_7.3.aarch64.rpm	f4320500005a1e7b631726e3923b5075fe3b2dae5ba4eb7189e4e1e8df373cf1
i686	libwinpr-devel-2.11.7-1.el9_7.3.i686.rpm	13e88e61ddb960693c970fee94480a78be5c5f43c376c8d1c31e0a0db6ce7f22
i686	freerdp-libs-2.11.7-1.el9_7.3.i686.rpm	4e33ebd03b62cb3fdc00a9f1655605b934ca86ffaf7151bf12a3e43b4f5826cf
i686	libwinpr-2.11.7-1.el9_7.3.i686.rpm	ae53258d4788adab7c8ad8b8091d47eea27e4fdafb53874e3366b995fff56f1a
i686	freerdp-devel-2.11.7-1.el9_7.3.i686.rpm	beeaaa2feda8690e021f23db029cc461322f11e8a1b2d5f608bacffe4ec9d3da
ppc64le	libwinpr-2.11.7-1.el9_7.3.ppc64le.rpm	866a4b67fbef40f3cb33b98fc454a4d124512b85bde0bf2a38e2a28ab653d079
ppc64le	libwinpr-devel-2.11.7-1.el9_7.3.ppc64le.rpm	953863d0d5e9d327c92f68b3bfaaedd4ee1e6852a96f7ba007177e18de8e9583
ppc64le	freerdp-devel-2.11.7-1.el9_7.3.ppc64le.rpm	95be5b1153e7a22ee7cef8d59de4c899dcde5fc4b30ca572f8670a3af9284787
ppc64le	freerdp-2.11.7-1.el9_7.3.ppc64le.rpm	9e85ad636af7967e931fcd8da954eafac5f99b78a8281c7948bbf4cfcb49e39e
ppc64le	freerdp-libs-2.11.7-1.el9_7.3.ppc64le.rpm	cb2c6bca993d5bf3704333bacc434c9e853c7b8c4e37ba3ebe64f725820813ed
s390x	freerdp-libs-2.11.7-1.el9_7.3.s390x.rpm	0f6672bf6631c93ac207334fdb01bde213c7c980687ea989233e42cff762b64c
s390x	freerdp-devel-2.11.7-1.el9_7.3.s390x.rpm	1b2bd13403668adff4dd40c2cf37443461e6dfde4ca49581eea9659abedd633c
s390x	libwinpr-devel-2.11.7-1.el9_7.3.s390x.rpm	7bacd67b75ee0fc5c605b211cd8e4b943d2ca3ca581904a9a45d854300444132
s390x	freerdp-2.11.7-1.el9_7.3.s390x.rpm	c486e568f710ee001da192861aec4fbf97e643664c8ab0c39a01c904113d7272
s390x	libwinpr-2.11.7-1.el9_7.3.s390x.rpm	efcbf4da78f9d13e3a0a219bf5c5bd7cd35f0e7577236610fce6aa7d855f6b11
x86_64	freerdp-2.11.7-1.el9_7.3.x86_64.rpm	05567d855658c68d7c3b396a31be031b58dae2d1b2e724fdf53662fa7e6a1f3d
x86_64	freerdp-devel-2.11.7-1.el9_7.3.x86_64.rpm	2474f6f1569e9ec2c1b39f5efbd20fb167c206c371d891719f90b92bd1733787
x86_64	libwinpr-devel-2.11.7-1.el9_7.3.x86_64.rpm	64cbe557d43cea9018f9f6dc36699ac8d4f17faa05744e0510dbc40912f6e427
x86_64	libwinpr-2.11.7-1.el9_7.3.x86_64.rpm	933723d73854c882d49caf8124c2b7468270fdec4b9c3e6f1917da4620ed86f8
x86_64	freerdp-libs-2.11.7-1.el9_7.3.x86_64.rpm	c30c383e845da732aa9b780466908219a3fc5f53f6bf3c47b580d29159536f87

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.