Red Hat Product Errata
RHSA-2026:10076 - Security Advisory

Issued: 2026-04-23
Updated: 2026-04-23

Synopsis
Important: freerdp security update

Type/Severity
Security Advisory: Important

Topic
An update for freerdp is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.

Security Fix(es):
* freerdp: FreeRDP heap-use-after-free (CVE-2026-22856)
* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22854)
* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22852)
* freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow (CVE-2026-23732)
* freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation (CVE-2026-24676)
* freerdp: FreeRDP has a heap-use-after-free in video_timer (CVE-2026-24491)
* freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2() (CVE-2026-23948)
* freerdp: FreeRDP has a Heap-use-after-free in play_thread (CVE-2026-24684)
* freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface (CVE-2026-24679)
* freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface (CVE-2026-24675)
* freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages (CVE-2026-31806)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258

Affected Products
* Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 x86_64
* Red Hat Enterprise Linux Server - TUS 8.8 x86_64
* Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
* Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64

Fixes
BZ - 2429650 - CVE-2026-22856 freerdp: FreeRDP heap-use-after-free
BZ - 2429652 - CVE-2026-22854 freerdp: FreeRDP heap-buffer-overflow
BZ - 2429654 - CVE-2026-22852 freerdp: FreeRDP heap-buffer-overflow
BZ - 2430881 - CVE-2026-23732 freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow
BZ - 2438201 - CVE-2026-24676 freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation
BZ - 2438202 - CVE-2026-24491 freerdp: FreeRDP has a heap-use-after-free in video_timer
BZ - 2438207 - CVE-2026-23948 freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()
BZ - 2438208 - CVE-2026-24684 freerdp: FreeRDP has a Heap-use-after-free in play_thread
BZ - 2438217 - CVE-2026-24679 freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface
BZ - 2438221 - CVE-2026-24675 freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface
BZ - 2447376 - CVE-2026-31806 freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages

CVEs
CVE-2026-22852
CVE-2026-22854
CVE-2026-22856
CVE-2026-23732
CVE-2026-23948
CVE-2026-24491
CVE-2026-24675
CVE-2026-24676
CVE-2026-24679
CVE-2026-24684
CVE-2026-31806

References
https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available.

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8
SRPM
  freerdp-2.2.0-12.el8_8.5.src.rpm
x86_64
  freerdp-2.2.0-12.el8_8.5.x86_64.rpm
  freerdp-debuginfo-2.2.0-12.el8_8.5.i686.rpm
  freerdp-debuginfo-2.2.0-12.el8_8.5.x86_64.rpm
  freerdp-debugsource-2.2.0-12.el8_8.5.i686.rpm
  freerdp-debugsource-2.2.0-12.el8_8.5.x86_64.rpm
  freerdp-libs-2.2.0-12.el8_8.5.i686.rpm
  freerdp-libs-2.2.0-12.el8_8.5.x86_64.rpm
  freerdp-libs-debuginfo-2.2.0-12.el8_8.5.i686.rpm
  freerdp-libs-debuginfo-2.2.0-12.el8_8.5.x86_64.rpm
  libwinpr-2.2.0-12.el8_8.5.i686.rpm
  libwinpr-2.2.0-12.el8_8.5.x86_64.rpm
  libwinpr-debuginfo-2.2.0-12.el8_8.5.i686.rpm
  libwinpr-debuginfo-2.2.0-12.el8_8.5.x86_64.rpm
  libwinpr-devel-2.2.0-12.el8_8.5.i686.rpm
  libwinpr-devel-2.2.0-12.el8_8.5.x86_64.rpm

Red Hat Enterprise Linux Server - TUS 8.8
SRPM
  freerdp-2.2.0-12.el8_8.5.src.rpm
x86_64
  freerdp-2.2.0-12.el8_8.5.x86_64.rpm
  freerdp-debuginfo-2.2.0-12.el8_8.5.i686.rpm
  freerdp-debuginfo-2.2.0-12.el8_8.5.x86_64.rpm
  freerdp-debugsource-2.2.0-12.el8_8.5.i686.rpm
  freerdp-debugsource-2.2.0-12.el8_8.5.x86_64.rpm
  freerdp-libs-2.2.0-12.el8_8.5.i686.rpm
  freerdp-libs-2.2.0-12.el8_8.5.x86_64.rpm
  freerdp-libs-debuginfo-2.2.0-12.el8_8.5.i686.rpm
  freerdp-libs-debuginfo-2.2.0-12.el8_8.5.x86_64.rpm
  libwinpr-2.2.0-12.el8_8.5.i686.rpm
  libwinpr-2.2.0-12.el8_8.5.x86_64.rpm
  libwinpr-debuginfo-2.2.0-12.el8_8.5.i686.rpm
  libwinpr-debuginfo-2.2.0-12.el8_8.5.x86_64.rpm
  libwinpr-devel-2.2.0-12.el8_8.5.i686.rpm
  libwinpr-devel-2.2.0-12.el8_8.5.x86_64.rpm

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8
SRPM
  freerdp-2.2.0-12.el8_8.5.src.rpm
ppc64le
  freerdp-2.2.0-12.el8_8.5.ppc64le.rpm
  freerdp-debuginfo-2.2.0-12.el8_8.5.ppc64le.rpm
  freerdp-debugsource-2.2.0-12.el8_8.5.ppc64le.rpm
  freerdp-libs-2.2.0-12.el8_8.5.ppc64le.rpm
  freerdp-libs-debuginfo-2.2.0-12.el8_8.5.ppc64le.rpm
  libwinpr-2.2.0-12.el8_8.5.ppc64le.rpm
  libwinpr-debuginfo-2.2.0-12.el8_8.5.ppc64le.rpm
  libwinpr-devel-2.2.0-12.el8_8.5.ppc64le.rpm

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8
SRPM
  freerdp-2.2.0-12.el8_8.5.src.rpm
x86_64
  freerdp-2.2.0-12.el8_8.5.x86_64.rpm
  freerdp-debuginfo-2.2.0-12.el8_8.5.i686.rpm
  freerdp-debuginfo-2.2.0-12.el8_8.5.x86_64.rpm
  freerdp-debugsource-2.2.0-12.el8_8.5.i686.rpm
  freerdp-debugsource-2.2.0-12.el8_8.5.x86_64.rpm
  freerdp-libs-2.2.0-12.el8_8.5.i686.rpm
  freerdp-libs-2.2.0-12.el8_8.5.x86_64.rpm

This security update addresses multiple critical vulnerabilities in FreeRDP, including heap buffer overflows and use-after-free flaws, which can be exploited via crafted RDP server messages to cause denial of service or allow arbitrary code execution. The CVSS scores for the listed CVEs range up to 9.8 (CRITICAL). Affected versions are FreeRDP prior to version 3.20.1, and the fix requires upgrading to FreeRDP 3.20.1.