ALSA-2026:6340

[ALSA-2026:6340] Important: freerdp security update

Type:

security

Severity:

important

Release date:

2026-04-02

Description:

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.  

Security Fix(es):  

  * freerdp: FreeRDP heap-use-after-free (CVE-2026-22856)
  * freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22854)
  * freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22852)
  * freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow (CVE-2026-23732)
  * freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation (CVE-2026-24676)
  * freerdp: FreeRDP has a heap-use-after-free in video_timer (CVE-2026-24491)
  * freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2() (CVE-2026-23948)
  * freerdp: FreeRDP has a Heap-use-after-free in play_thread (CVE-2026-24684)
  * freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb (CVE-2026-24681)
  * freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event (CVE-2026-24683)
  * freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface (CVE-2026-24679)
  * freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface (CVE-2026-24675)
  * freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages (CVE-2026-31806)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	libwinpr-devel-2.11.7-1.el9_7.5.aarch64.rpm	8ce6b71c9f6a0dbb0b0cef0e9894d8a41671aec06392fde11d02f1bb637dbc73
aarch64	freerdp-2.11.7-1.el9_7.5.aarch64.rpm	ab4a5d2783447103e83ae6cd4cf3e8e969668126054dc6e3d2d43cb80adac71e
aarch64	libwinpr-2.11.7-1.el9_7.5.aarch64.rpm	ac8c2e34a0e59d1665c5552580e1337536ee13378c32916236912e99b8ffd3cd
aarch64	freerdp-libs-2.11.7-1.el9_7.5.aarch64.rpm	b110b6aabf4a0b1f25912030a85f0e279fa2eccc7c814852bf095363a2409dee
aarch64	freerdp-devel-2.11.7-1.el9_7.5.aarch64.rpm	b90eb49f3cf9c888308f3bc9c8dc1dcae1eabfe9f8dbce2951e33d852f3cb4e6
i686	libwinpr-2.11.7-1.el9_7.5.i686.rpm	5917a3c28a1f49a0d28bfef594443e3b89d2ed252a5bc883396e593eda170af0
i686	freerdp-libs-2.11.7-1.el9_7.5.i686.rpm	7057b45eb9ea357b1eec414aa8e1fa55162b4bcabaa0f905737dce021621c3f8
i686	freerdp-devel-2.11.7-1.el9_7.5.i686.rpm	af80f437fbf96a43bc2cd9735ecdcfcd26126a1213db3349885a1f6fd500c78f
i686	libwinpr-devel-2.11.7-1.el9_7.5.i686.rpm	e1d2139cd9ed228e6a810c4ede0e9d3ddece7a9765ff18efb9c34650c6b56510
ppc64le	freerdp-libs-2.11.7-1.el9_7.5.ppc64le.rpm	15d8c9817bfd44adaa55ed9bc8aafd17c10b5e3416fb94b40d531f914c7ffe6c
ppc64le	libwinpr-devel-2.11.7-1.el9_7.5.ppc64le.rpm	188ad8e2fdd6e17ade91ca542b155b16f4e037aa50f60af0eda24fae7bff9c19
ppc64le	libwinpr-2.11.7-1.el9_7.5.ppc64le.rpm	202679920287beb4a7fa30213f21a45d540c00c8ae128916c47066ea93d77708
ppc64le	freerdp-devel-2.11.7-1.el9_7.5.ppc64le.rpm	62436180ecba941b9418b3050496367af942f1a5e3c060ee3f57855f2d919f73
ppc64le	freerdp-2.11.7-1.el9_7.5.ppc64le.rpm	736a1f07218a2b9af629bd5bd79515941d7fbbb25b40d597666e779484bc5d1e
s390x	libwinpr-devel-2.11.7-1.el9_7.5.s390x.rpm	1516763456f0ecc37bb0232ebaba45ff4892d0a3cf50be0c4565b23d893e2ffb
s390x	freerdp-2.11.7-1.el9_7.5.s390x.rpm	35697b4f7105dd1a63d9211874d97b3cfe94288152c48ed12ea4967f03d61f9e
s390x	libwinpr-2.11.7-1.el9_7.5.s390x.rpm	624af36594e870ad10f2307d316a2596f58248c2ced7cc39005fa10d7dcb8f0e
s390x	freerdp-libs-2.11.7-1.el9_7.5.s390x.rpm	898cb4227e82f34b9699c02944b61e40601ddf8e3910f63e9b3cf0398e90ad4b
s390x	freerdp-devel-2.11.7-1.el9_7.5.s390x.rpm	9cb155f4923b017f748f3605c499c21554371246619952607198842aeaa93e35
x86_64	freerdp-libs-2.11.7-1.el9_7.5.x86_64.rpm	3d56a5b49cf6774c63ccfcb8332380b7d8b482022a3c1e0284a85fc8977ac3df
x86_64	libwinpr-devel-2.11.7-1.el9_7.5.x86_64.rpm	8c2ecb7f999851111c2101702fc34f0f6d958426c736221983820ce9953644ff
x86_64	freerdp-devel-2.11.7-1.el9_7.5.x86_64.rpm	92c0907e4fd839ffc6e70d95bf544cad44a9d11eaafe0cbd13dadfc83be070c5
x86_64	freerdp-2.11.7-1.el9_7.5.x86_64.rpm	d8015fd576922c4e348d0e28daf03e1e1348dba97f45b71890be0594a64cb756
x86_64	libwinpr-2.11.7-1.el9_7.5.x86_64.rpm	ff7add20df0a3770aa0dda963665f0ed8ee6ebafc4970191ee22753189bd3799

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.