Red Hat Product Errata RHSA-2026:16014 - Security Advisory Issued: 2026-05-11 Updated: 2026-05-11 RHSA-2026:16014 - Security Advisory Overview Updated Packages Synopsis Moderate: freerdp security update Type/Severity Security Advisory: Moderate Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for freerdp is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fix(es): freerdp: FreeRDP: Denial of service via heap use-after-free during auto-reconnect (CVE-2026-25997) freerdp: FreeRDP: Denial of service due to use-after-free vulnerability (CVE-2026-25952) freerdp: FreeRDP: Denial of Service via double free vulnerability during disconnect (CVE-2026-26986) freerdp: FreeRDP has a heap-buffer-overflow in bitmap_cache_put via OOB cacheId (CVE-2026-29775) freerdp: FreeRDP has an out-of-bounds read in ADPCM decoders due to missing predictor/step_index bounds checks (CVE-2026-31885) freerdp: FreeRDP has a division-by-zero in ADPCM decoders when `nBlockAlign` is 0 (CVE-2026-31884) freerdp: FreeRDP: Denial of Service via crafted audio data in RDP (CVE-2026-31883) FreeRDP: FreeRDP: Information disclosure via heap memory out of bounds read (CVE-2026-33985) FreeRDP: FreeRDP: Information disclosure and denial of service via heap-buffer-overflow read (CVE-2026-33982) FreeRDP: FreeRDP: Memory corruption vulnerability allows denial of service or arbitrary code execution (CVE-2026-33987) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 10 x86_64 Red Hat Enterprise Linux for IBM z Systems 10 s390x Red Hat Enterprise Linux for Power, little endian 10 ppc64le Red Hat Enterprise Linux for ARM 64 10 aarch64 Red Hat CodeReady Linux Builder for x86_64 10 x86_64 Red Hat CodeReady Linux Builder for Power, little endian 10 ppc64le Red Hat CodeReady Linux Builder for ARM 64 10 aarch64 Red Hat CodeReady Linux Builder for IBM z Systems 10 s390x Fixes BZ - 2442764 - CVE-2026-25997 freerdp: FreeRDP: Denial of service via heap use-after-free during auto-reconnect BZ - 2442768 - CVE-2026-25952 freerdp: FreeRDP: Denial of service due to use-after-free vulnerability BZ - 2442782 - CVE-2026-26986 freerdp: FreeRDP: Denial of Service via double free vulnerability during disconnect BZ - 2447379 - CVE-2026-29775 freerdp: FreeRDP has a heap-buffer-overflow in bitmap_cache_put via OOB cacheId BZ - 2447383 - CVE-2026-31885 freerdp: FreeRDP has an out-of-bounds read in ADPCM decoders due to missing predictor/step_index bounds checks BZ - 2447385 - CVE-2026-31884 freerdp: FreeRDP has a division-by-zero in ADPCM decoders when `nBlockAlign` is 0 BZ - 2447386 - CVE-2026-31883 freerdp: FreeRDP: Denial of Service via crafted audio data in RDP BZ - 2453217 - CVE-2026-33985 FreeRDP: FreeRDP: Information disclosure via heap memory out of bounds read BZ - 2453218 - CVE-2026-33982 FreeRDP: FreeRDP: Information disclosure and denial of service via heap-buffer-overflow read BZ - 2453226 - CVE-2026-33987 FreeRDP: FreeRDP: Memory corruption vulnerability allows denial of service or arbitrary code execution CVEs CVE-2026-25952 CVE-2026-25997 CVE-2026-26986 CVE-2026-29775 CVE-2026-31883 CVE-2026-31884 CVE-2026-31885 CVE-2026-33982 CVE-2026-33985 CVE-2026-33987 References https://access.redhat.com/security/updates/classification/#moderate Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 10 SRPM freerdp-3.10.3-5.el10_1.8.src.rpm SHA-256: f6e8d21fa5b19553fab2b773d2bcf05fb99a6614bf791837a9d91773cec80ead x86_64 freerdp-3.10.3-5.el10_1.8.x86_64.rpm SHA-256: 00bc25498205acf063d5c4aec7d1b13d29c262321ebc93d5b624e9bb15c5afa7 freerdp-debuginfo-3.10.3-5.el10_1.8.x86_64.rpm SHA-256: 44eeac999ad90b0514ca59af8bbc5e38c0d0727abaf1d5d80b42e52bfe5e0250 freerdp-debugsource-3.10.3-5.el10_1.8.x86_64.rpm SHA-256: 1c3891276aabdac6fe6200f6da0529eaa2ea8324ca0d67cbcbb4f52331851ef3 freerdp-libs-3.10.3-5.el10_1.8.x86_64.rpm SHA-256: cb8b3f787ffc289076ef6c5ee92d679a000bb46f8b50d9f9d89dae3a65e7505b freerdp-libs-debuginfo-3.10.3-5.el10_1.8.x86_64.rpm SHA-256: e9eb7aaae2bd21ca9980f5b06a6a17694b44f1c927749011c4ec086c58934124 freerdp-server-debuginfo-3.10.3-5.el10_1.8.x86_64.rpm SHA-256: 2d060dd0e017b7a6912deb41fba32f4932ddab292ccb830ba881d09848b9b09e libwinpr-3.10.3-5.el10_1.8.x86_64.rpm SHA-256: 14d2438f9d3190abb9e0afc02ecf929be1bc6360418715e3ce17537e9c8a3678 libwinpr-debuginfo-3.10.3-5.el10_1.8.x86_64.rpm SHA-256: e2fa35d943087ca7d6bccd016f50dad55ca55d07144ba3d4909ea40fb4579aef Red Hat Enterprise Linux for IBM z Systems 10 SRPM freerdp-3.10.3-5.el10_1.8.src.rpm SHA-256: f6e8d21fa5b19553fab2b773d2bcf05fb99a6614bf791837a9d91773cec80ead s390x freerdp-3.10.3-5.el10_1.8.s390x.rpm SHA-256: 7bbb75b81b044d6a63d0bc928c4289227bd1dca29cbcc61deb9395f5ca1d3e2a freerdp-debuginfo-3.10.3-5.el10_1.8.s390x.rpm SHA-256: 3b53ba307450899d3cb05dcbd6f76c72f85559be0c2e99390d395d4ab53bc9e5 freerdp-debugsource-3.10.3-5.el10_1.8.s390x.rpm SHA-256: f866f9c692a3487a3d9192d7fef971d90396743e5a1aa03bc2aa5ada741c6122 freerdp-libs-3.10.3-5.el10_1.8.s390x.rpm SHA-256: ae14673421a55f5fce7c847860df8214c5ab37e40f7c951d3d2624f7779f170c freerdp-libs-debuginfo-3.10.3-5.el10_1.8.s390x.rpm SHA-256: 68b6272052d9fdcabb4cc25c2d5cdbdc3cd4c4da7ab891e1410b9e70e51125c0 freerdp-server-debuginfo-3.10.3-5.el10_1.8.s390x.rpm SHA-256: 566c066476ac5e957a30c5325e1aa7e37900d1c0e225ba1cb88695e1fc79a20a libwinpr-3.10.3-5.el10_1.8.s390x.rpm SHA-256: 9c199218e548f842076bf1ee12ff797d23aeb6ba50705eaec1373bb3e748cdb5 libwinpr-debuginfo-3.10.3-5.el10_1.8.s390x.rpm SHA-256: f33a42835d405908daff296574f22f79acb99cc904a6630ea4f32373d95ace30 Red Hat Enterprise Linux for Power, little endian 10 SRPM freerdp-3.10.3-5.el10_1.8.src.rpm SHA-256: f6e8d21fa5b19553fab2b773d2bcf05fb99a6614bf791837a9d91773cec80ead ppc64le freerdp-3.10.3-5.el10_1.8.ppc64le.rpm SHA-256: 70fa8bb7989af3e8c0515dbd8c3a9e476e840bf1fb3e5d99179fd8bb209b0292 freerdp-debuginfo-3.10.3-5.el10_1.8.ppc64le.rpm SHA-256: 5d9e7238fd3c0aee9771e52e81c16a4eb25f6494baa21c3b6525d2141ba61d70 freerdp-debugsource-3.10.3-5.el10_1.8.ppc64le.rpm SHA-256: 8ef350c53037810915fa84b300785e800bd4eacc6867b5c1db44ba1dfe69f2f9 freerdp-libs-3.10.3-5.el10_1.8.ppc64le.rpm SHA-256: 808cca145c86ef9647c0671c7e12e8593a3eb45bab060369d418100b35670b23 freerdp-libs-debuginfo-3.10.3-5.el10_1.8.ppc64le.rpm SHA-256: 5d4d5cf77a1a3ba0200e42544f74c088abf25dc9b271396f36579180efc086e8 freerdp-server-debuginfo-3.10.3-5.el10_1.8.ppc64le.rpm SHA-256: 7e279e3b20cf063a43969780e5051c376ed58be870c51a063a97c93db2953cc4 libwinpr-3.10.3-5.el10_1.8.ppc64le.rpm SHA-256: 5866a9cc42e4b572bcec98761dd4cb8a6111e6533b6a576dc28b707ed2952f0c libwinpr-debuginfo-3.10.3-5.el10_1.8.ppc64le.rpm SHA-256: a98b9d4362fc60823689d885b925e9d9266250f6f5d91f75757245a0a2346928 Red Hat Enterprise Linux for ARM 64 10 SRPM freerdp-3.10.3-5.el10_1.8.src.rpm SHA-256: f6e8d21fa5b19553fab2b773d2bcf05fb99a6614bf791837a9d91773cec80ead aarch64 freerdp-3.10.3-5.el10_1.8.aarch64.rpm SHA-256: 72a3c46c802af7a0af85d36b1c33c1f99b1fcaf67ac08401a2bfb875d4633913 freerdp-debuginfo-3.10.3-5.el10_1.8.aarch64.rpm SHA-256: 974a20ad6c18fd8748b8653abad715db963c8225f8ab690918aa36d6bf3c546a freerdp-debugsource-3.10.3-5.el10_1.8.aarch64.rpm SHA-256: dae60001bdee99608c12fc20ee7269b59d7a27ffe80574eb15ca887c968154d0 freerdp-libs-3.10.3-5.el10_1.8.aarch64.rpm SHA-256: 98a480c9893a15025e39aa125eb55223ac392fdad3d7f13f8c1654bf6617d65c freerdp-libs-debuginfo-3.10.3-5.el10_1.8.aarch64.rpm SHA-256: 4ddf0cc90ecf35b28acf9ecc8730a4d1bf3b28390051bc9f555f3e86a05e1d90 freerdp-server-debuginfo-3.10.3-5.el10_1.8.aarch64.rpm SHA-256: 078bd62ed8f8030131f88b4e19e00216b52b8f23345cb2e1612858db181bd6f9 libwinpr-3.10.3-5.el10_1.8.aarch64.rpm SHA-256: adb347e13fde25df6e446bb04e74153334f84128f7cbbaa73dc121d6b740fe7f libwinpr-debuginfo-3.10.3-5.el10_1.8.aarch64.rpm SHA-256: aff36b383c58fd846a2ca1417e0e50aae675be652e905efc774235df7c46394d Red Hat CodeReady Linux Builder for x86_64 10 SRPM x86_64 freerdp-debuginfo-3.10.3-5.el10_1.8.x86_64.rpm SHA-256: 44eeac999ad90b0514ca59af8bbc5e38c0d0727abaf1d5d80b42e52bfe5e0250 freerdp-debugsource-3.10.3-5.el10_1.8.x86_64.rpm SHA-256: 1c3891276aabdac6fe6200f6da0529eaa2ea8324ca0d67cbcbb4f52331851ef3 freerdp-devel-3.10.3-5.el10_1.8.x86_64.rpm SHA-256: a3cce48d4ea51470d66f8e75984ca71f7e16ff77a0bfd0cd1c59fe13265c2831 freerdp-libs-debuginfo-3.10.3-5.el10_1.8.x86_64.rpm SHA-256: e9eb7aaae2bd21ca9980f5b06a6a17694b44f1c927749011c4ec086c58934124 freerdp-server-3.10.3-5.el10_1.8.x86_64.rpm SHA-256: 88ad538433a07f5d8d434264a45421855d222bdced2e40470f582f1a41f80974 freerdp-server-debuginfo-3.10.3-5.el10_1.8.x86_64.rpm SHA-256: 2d060dd0e017b7a6912deb41fba32f4932ddab292ccb830ba881d09848b9b09e libwinpr-debuginfo-3.10.3-5.el10_1.8.x86_64.rpm SHA-256: e2fa35d943087ca7d6bccd016f50dad55ca55d07144ba3d4909ea40fb4579aef libwinpr-devel-3.10.3-5.el10_1.8.x86_64.rpm SHA-256: d71c2f692d5676d7e46c2fc0d2e707592fa2c551e496378674509718bb08d134 Red Hat CodeReady Linux Builder for Power, little endian 10 SRPM ppc64le freerdp-debuginfo-3.10.3-5.el10_1.8.ppc64le.rpm SHA-256: 5d9e7238fd3c0aee9771e52e81c16a4eb25f6494baa21c3b6525d2141ba61d70 freerdp-debu