RHSA-2026:11651: Important: freerdp security update

A heap buffer overflow (CVE-2026-33984, CVSS 7.5 HIGH) in FreeRDP allows arbitrary code execution via crafted pixel data, while a separate flaw (CVE-2026-33983, CVSS 6.5 MEDIUM) enables denial of service via specially crafted RDP messages. These vulnerabilities affect FreeRDP versions prior to 3.24.2. The security update requires upgrading to FreeRDP version 3.24.2.

Red Hat Product Errata: RHSA-2026:11651 - Security Advisory
Issued: 2026-04-29
Updated: 2026-04-29

Synopsis
Important: freerdp security update

Type/Severity
Security Advisory: Important

Topic
An update for freerdp is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.

Security Fix(es):
FreeRDP: FreeRDP: Heap buffer overflow allows arbitrary code execution via crafted pixel data (CVE-2026-33984)
FreeRDP: FreeRDP: Denial of Service via specially crafted Remote Desktop Protocol messages (CVE-2026-33983)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258

Affected Products
Red Hat Enterprise Linux Server - AUS 8.2 x86_64

Fixes
BZ - 2453219 - CVE-2026-33984 FreeRDP: FreeRDP: Heap buffer overflow allows arbitrary code execution via crafted pixel data
BZ - 2453220 - CVE-2026-33983 FreeRDP: FreeRDP: Denial of Service via specially crafted Remote Desktop Protocol messages

CVEs
CVE-2026-33983
CVE-2026-33984

References
https://access.redhat.com/security/updates/classification/#important

Updated Packages
Note: More recent versions of these packages may be available.

Red Hat Enterprise Linux Server - AUS 8.2

SRPM
freerdp-2.0.0-46.rc4.el8_2.11.src.rpm

x86_64
freerdp-2.0.0-46.rc4.el8_2.11.x86_64.rpm
freerdp-debuginfo-2.0.0-46.rc4.el8_2.11.i686.rpm
freerdp-debuginfo-2.0.0-46.rc4.el8_2.11.x86_64.rpm
freerdp-debugsource-2.0.0-46.rc4.el8_2.11.i686.rpm
freerdp-debugsource-2.0.0-46.rc4.el8_2.11.x86_64.rpm
freerdp-libs-2.0.0-46.rc4.el8_2.11.i686.rpm
freerdp-libs-2.0.0-46.rc4.el8_2.11.x86_64.rpm
freerdp-libs-debuginfo-2.0.0-46.rc4.el8_2.11.i686.rpm
freerdp-libs-debuginfo-2.0.0-46.rc4.el8_2.11.x86_64.rpm
libwinpr-2.0.0-46.rc4.el8_2.11.i686.rpm
libwinpr-2.0.0-46.rc4.el8_2.11.x86_64.rpm
libwinpr-debuginfo-2.0.0-46.rc4.el8_2.11.i686.rpm
libwinpr-debuginfo-2.0.0-46.rc4.el8_2.11.x86_64.rpm
libwinpr-devel-2.0.0-46.rc4.el8_2.11.i686.rpm
libwinpr-devel-2.0.0-46.rc4.el8_2.11.x86_64.rpm

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.