Red Hat Product Errata RHSA-2026:9641 - Security Advisory Issued: 2026-04-22 Updated: 2026-04-22 RHSA-2026:9641 - Security Advisory Overview Updated Packages Synopsis Important: freerdp security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for freerdp is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fix(es): freerdp: FreeRDP heap-use-after-free (CVE-2026-22856) freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22854) freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22852) freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow (CVE-2026-23732) freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation (CVE-2026-24676) freerdp: FreeRDP has a heap-use-after-free in video_timer (CVE-2026-24491) freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2() (CVE-2026-23948) freerdp: FreeRDP has a Heap-use-after-free in play_thread (CVE-2026-24684) freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb (CVE-2026-24681) freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface (CVE-2026-24679) freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface (CVE-2026-24675) freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages (CVE-2026-31806) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux Server - AUS 9.2 x86_64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.2 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.2 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.2 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.2 s390x Fixes BZ - 2429650 - CVE-2026-22856 freerdp: FreeRDP heap-use-after-free BZ - 2429652 - CVE-2026-22854 freerdp: FreeRDP heap-buffer-overflow BZ - 2429654 - CVE-2026-22852 freerdp: FreeRDP heap-buffer-overflow BZ - 2430881 - CVE-2026-23732 freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow BZ - 2438201 - CVE-2026-24676 freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation BZ - 2438202 - CVE-2026-24491 freerdp: FreeRDP has a heap-use-after-free in video_timer BZ - 2438207 - CVE-2026-23948 freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2() BZ - 2438208 - CVE-2026-24684 freerdp: FreeRDP has a Heap-use-after-free in play_thread BZ - 2438210 - CVE-2026-24681 freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb BZ - 2438217 - CVE-2026-24679 freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface BZ - 2438221 - CVE-2026-24675 freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface BZ - 2447376 - CVE-2026-31806 freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages CVEs CVE-2026-22852 CVE-2026-22854 CVE-2026-22856 CVE-2026-23732 CVE-2026-23948 CVE-2026-24491 CVE-2026-24675 CVE-2026-24676 CVE-2026-24679 CVE-2026-24681 CVE-2026-24684 CVE-2026-31806 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Server - AUS 9.2 SRPM freerdp-2.4.1-6.el9_2.6.src.rpm SHA-256: ee90b7ca2711470a04a809235c791c9f0aa768c31371ba9f12fb34e02f838077 x86_64 freerdp-2.4.1-6.el9_2.6.x86_64.rpm SHA-256: d3e831e78214ac1b5ab869da8ee2e719be78a633446c9aa4772781f9144303c6 freerdp-debuginfo-2.4.1-6.el9_2.6.i686.rpm SHA-256: e56e2adcaea975354395532850c5c3520364290d99201dde928d280b851c1a5a freerdp-debuginfo-2.4.1-6.el9_2.6.x86_64.rpm SHA-256: 50cdc8d1db7cee88a80116bd15435556462de2aa2dfd970704a34005eac33a05 freerdp-debugsource-2.4.1-6.el9_2.6.i686.rpm SHA-256: eed3a075a80b49f9926899e9aa4b435ecc12a3f60a61d29111d18c6de48d99e4 freerdp-debugsource-2.4.1-6.el9_2.6.x86_64.rpm SHA-256: 8b3c3a6736b434c18551477eedbbd15ebfafcb9a928d7369868285a7d59c9591 freerdp-libs-2.4.1-6.el9_2.6.i686.rpm SHA-256: 4a04b6c61169a58b0e516e896236d97e0cfe143845d8cd69529388891929f9b6 freerdp-libs-2.4.1-6.el9_2.6.x86_64.rpm SHA-256: cd8ffebdcf678d5d31ad8251d301047b961ca2a865fd8cd8f03a01f52be24232 freerdp-libs-debuginfo-2.4.1-6.el9_2.6.i686.rpm SHA-256: 52d243744c0d1c575786ca2effb1c51f2bacefc6ad1eec7d8fa7db9dc6067c2e freerdp-libs-debuginfo-2.4.1-6.el9_2.6.x86_64.rpm SHA-256: 2c5d5efb2937cbf0287c5c7a3d7f05b22696d836ab4f3a7b5179e43d7d35d7b2 libwinpr-2.4.1-6.el9_2.6.i686.rpm SHA-256: a9e288c0b451ff22db3f38d065b45067ed56a631b5bbe539528845213c4afc1d libwinpr-2.4.1-6.el9_2.6.x86_64.rpm SHA-256: 2451b1d30c202064e7c9a70cf4ad27565aab935963b3869c13ac88c382c2c9a0 libwinpr-debuginfo-2.4.1-6.el9_2.6.i686.rpm SHA-256: ba7bdeefb9795f34e6a591a7da21032e30025c21ef49a5a4c36908725d7b5153 libwinpr-debuginfo-2.4.1-6.el9_2.6.x86_64.rpm SHA-256: d95043e3ca5aa1da16ada9062be0fe46ce2bde70ded0966390082da785a5618d Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 SRPM freerdp-2.4.1-6.el9_2.6.src.rpm SHA-256: ee90b7ca2711470a04a809235c791c9f0aa768c31371ba9f12fb34e02f838077 ppc64le freerdp-2.4.1-6.el9_2.6.ppc64le.rpm SHA-256: 4b723c904b5da27ad408b7ebb197b42e5ce82e764349716ca1cbe73fe49debb3 freerdp-debuginfo-2.4.1-6.el9_2.6.ppc64le.rpm SHA-256: f5950307b72f43fe02751429023e664286940b78e8db2e228aafda3985429e9e freerdp-debugsource-2.4.1-6.el9_2.6.ppc64le.rpm SHA-256: ae824732cdd6e15ace844a9f047bae96eca61b6f1eaa5378b84fa2e9f83e4a08 freerdp-libs-2.4.1-6.el9_2.6.ppc64le.rpm SHA-256: df050861a746cd2c7945cf0901ad4c5789740c8be946ccd68f3210bb033a421f freerdp-libs-debuginfo-2.4.1-6.el9_2.6.ppc64le.rpm SHA-256: 71257eddf7963a47f10c55bb4170be49a32a85c266976d56a1b1db2660aba8e3 libwinpr-2.4.1-6.el9_2.6.ppc64le.rpm SHA-256: 88c39a59b672e58c99bcde482fbdff3da93ee7aa49f7f818cf714c2d11481547 libwinpr-debuginfo-2.4.1-6.el9_2.6.ppc64le.rpm SHA-256: 885cd661820118ccb0201e17f8116af7b0c1cd0f9e9233d1e77934b5339355aa Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 SRPM freerdp-2.4.1-6.el9_2.6.src.rpm SHA-256: ee90b7ca2711470a04a809235c791c9f0aa768c31371ba9f12fb34e02f838077 x86_64 freerdp-2.4.1-6.el9_2.6.x86_64.rpm SHA-256: d3e831e78214ac1b5ab869da8ee2e719be78a633446c9aa4772781f9144303c6 freerdp-debuginfo-2.4.1-6.el9_2.6.i686.rpm SHA-256: e56e2adcaea975354395532850c5c3520364290d99201dde928d280b851c1a5a freerdp-debuginfo-2.4.1-6.el9_2.6.x86_64.rpm SHA-256: 50cdc8d1db7cee88a80116bd15435556462de2aa2dfd970704a34005eac33a05 freerdp-debugsource-2.4.1-6.el9_2.6.i686.rpm SHA-256: eed3a075a80b49f9926899e9aa4b435ecc12a3f60a61d29111d18c6de48d99e4 freerdp-debugsource-2.4.1-6.el9_2.6.x86_64.rpm SHA-256: 8b3c3a6736b434c18551477eedbbd15ebfafcb9a928d7369868285a7d59c9591 freerdp-libs-2.4.1-6.el9_2.6.i686.rpm SHA-256: 4a04b6c61169a58b0e516e896236d97e0cfe143845d8cd69529388891929f9b6 freerdp-libs-2.4.1-6.el9_2.6.x86_64.rpm SHA-256: cd8ffebdcf678d5d31ad8251d301047b961ca2a865fd8cd8f03a01f52be24232 freerdp-libs-debuginfo-2.4.1-6.el9_2.6.i686.rpm SHA-256: 52d243744c0d1c575786ca2effb1c51f2bacefc6ad1eec7d8fa7db9dc6067c2e freerdp-libs-debuginfo-2.4.1-6.el9_2.6.x86_64.rpm SHA-256: 2c5d5efb2937cbf0287c5c7a3d7f05b22696d836ab4f3a7b5179e43d7d35d7b2 libwinpr-2.4.1-6.el9_2.6.i686.rpm SHA-256: a9e288c0b451ff22db3f38d065b45067ed56a631b5bbe539528845213c4afc1d libwinpr-2.4.1-6.el9_2.6.x86_64.rpm SHA-256: 2451b1d30c202064e7c9a70cf4ad27565aab935963b3869c13ac88c382c2c9a0 libwinpr-debuginfo-2.4.1-6.el9_2.6.i686.rpm SHA-256: ba7bdeefb9795f34e6a591a7da21032e30025c21ef49a5a4c36908725d7b5153 libwinpr-debuginfo-2.4.1-6.el9_2.6.x86_64.rpm SHA-256: d95043e3ca5aa1da16ada9062be0fe46ce2bde70ded0966390082da785a5618d Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 SRPM freerdp-2.4.1-6.el9_2.6.src.rpm SHA-256: ee90b7ca2711470a04a809235c791c9f0aa768c31371ba9f12fb34e02f838077 aarch64 freerdp-2.4.1-6.el9_2.6.aarch64.rpm SHA-256: 9528eab3313eb3d61d040dae2641b5b6e21e48c473b4d4b4a6a1322f7d20d699 freerdp-debuginfo-2.4.1-6.el9_2.6.aarch64.rpm SHA-256: f47f18d794338b88bb1d4ebdf8daadda15fe8ce3ba8e22fdacb0d088d63f65dc freerdp-debugsource-2.4.1-6.el9_2.6.aarch64.rpm SHA-256: 765cfccbfaae949334bf3f5e223cd32ecf2e437d1c396918544719a6358bb341 freerdp-libs-2.4.1-6.el9_2.6.aarch64.rpm SHA-256: 1eadadda15b7158bc710e4f050cd57dfb8ff8f8ceea64ff9f9f1d8717f8d0b88 freerdp-libs-debuginfo-2.4.1-6.el9_2.6.aarch64.rpm SHA-256: 488afee3a612823528eaf3e686a909b245f9a5552c9aba5aee1bdfbbbd26f1b4 libwinpr-2.4.1-6.el9_2.6.aarch64.rpm SHA-256: bff4806d0867fd8b6cdd69ebfa1b038012179ace409dc3a326748a5525e464a7 libwinpr-debuginfo-2.4.1-6.el9_2.6.aarch64.rpm SHA-256: 4ad2b62b72d10ae488a91d42f57da76d168932721dd8db3a9b59a6976dcfd2b0 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 SRPM freerdp-2.4.1-6.el9_2.6.src.rp