Red Hat Product Errata RHSA-2026:16482 - Security Advisory Issued: 2026-05-12 Updated: 2026-05-12 RHSA-2026:16482 - Security Advisory Overview Updated Packages Synopsis Moderate: freerdp security update Type/Severity Security Advisory: Moderate Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for freerdp is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fix(es): freerdp: FreeRDP: Denial of service due to use-after-free vulnerability (CVE-2026-25952) freerdp: FreeRDP: Denial of Service via double free vulnerability during disconnect (CVE-2026-26986) freerdp: FreeRDP: Denial of Service via endless blocking loop in Stream_EnsureCapacity (CVE-2026-27951) freerdp: FreeRDP has a heap-buffer-overflow in bitmap_cache_put via OOB cacheId (CVE-2026-29775) freerdp: FreeRDP has an out-of-bounds read in ADPCM decoders due to missing predictor/step_index bounds checks (CVE-2026-31885) freerdp: FreeRDP has a division-by-zero in ADPCM decoders when `nBlockAlign` is 0 (CVE-2026-31884) freerdp: FreeRDP: Denial of Service via crafted audio data in RDP (CVE-2026-31883) FreeRDP: FreeRDP: Information disclosure via heap memory out of bounds read (CVE-2026-33985) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 9 x86_64 Red Hat Enterprise Linux for IBM z Systems 9 s390x Red Hat Enterprise Linux for Power, little endian 9 ppc64le Red Hat Enterprise Linux for ARM 64 9 aarch64 Red Hat CodeReady Linux Builder for x86_64 9 x86_64 Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le Red Hat CodeReady Linux Builder for ARM 64 9 aarch64 Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x Fixes BZ - 2442768 - CVE-2026-25952 freerdp: FreeRDP: Denial of service due to use-after-free vulnerability BZ - 2442782 - CVE-2026-26986 freerdp: FreeRDP: Denial of Service via double free vulnerability during disconnect BZ - 2442783 - CVE-2026-27951 freerdp: FreeRDP: Denial of Service via endless blocking loop in Stream_EnsureCapacity BZ - 2447379 - CVE-2026-29775 freerdp: FreeRDP has a heap-buffer-overflow in bitmap_cache_put via OOB cacheId BZ - 2447383 - CVE-2026-31885 freerdp: FreeRDP has an out-of-bounds read in ADPCM decoders due to missing predictor/step_index bounds checks BZ - 2447385 - CVE-2026-31884 freerdp: FreeRDP has a division-by-zero in ADPCM decoders when `nBlockAlign` is 0 BZ - 2447386 - CVE-2026-31883 freerdp: FreeRDP: Denial of Service via crafted audio data in RDP BZ - 2453217 - CVE-2026-33985 FreeRDP: FreeRDP: Information disclosure via heap memory out of bounds read CVEs CVE-2026-25952 CVE-2026-26986 CVE-2026-27951 CVE-2026-29775 CVE-2026-31883 CVE-2026-31884 CVE-2026-31885 CVE-2026-33985 References https://access.redhat.com/security/updates/classification/#moderate Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 9 SRPM freerdp-2.11.7-1.el9_7.7.src.rpm SHA-256: 37330e33126dc703be96772afad477990e8871f58f64f16c9244e8c08e5e8798 x86_64 freerdp-2.11.7-1.el9_7.7.x86_64.rpm SHA-256: 221b94650f4c206ebf173b1e22eb09454e49bc4c263f39d10fcbeaaee719004d freerdp-debuginfo-2.11.7-1.el9_7.7.i686.rpm SHA-256: 739f376de91dfd3ad2e65843683079fd1e6f3bfab40b62655b0bc9c3175fe5ec freerdp-debuginfo-2.11.7-1.el9_7.7.x86_64.rpm SHA-256: 71596ee53619c8eabd8eeed623e63b13ece9bb38a2c9b058b265058f2bec897d freerdp-debugsource-2.11.7-1.el9_7.7.i686.rpm SHA-256: cea36df11acf613302943a2ebadd22f5a4f62d617a8e8179d5538af38e63253e freerdp-debugsource-2.11.7-1.el9_7.7.x86_64.rpm SHA-256: e041cb827903940fb22c8905f6e83f9824c6b07bc2f6dd2c69657b4fddbd0fc6 freerdp-libs-2.11.7-1.el9_7.7.i686.rpm SHA-256: a8ea9ded9f238c55bc71246c3eaebea8fc55437ced50c72877a2736f641281d6 freerdp-libs-2.11.7-1.el9_7.7.x86_64.rpm SHA-256: a1d08c445263392464dd7e425af3ecf81c3ec951d35e44f8446620e97613f955 freerdp-libs-debuginfo-2.11.7-1.el9_7.7.i686.rpm SHA-256: 986c310f96a524d60fc83e7825103f338500d99e229e3e9e1228d3291aea8259 freerdp-libs-debuginfo-2.11.7-1.el9_7.7.x86_64.rpm SHA-256: bc871105a207e439ae8e189137508e706a1e568522f9546427158f65ca66c320 libwinpr-2.11.7-1.el9_7.7.i686.rpm SHA-256: 2ec31f3dc1a022a066e72b59d05686ce86023a647ed8d98e273666af4694a1a1 libwinpr-2.11.7-1.el9_7.7.x86_64.rpm SHA-256: bce3e3d606d08e3d2cfd413b3d23ca6dcede75d789eb0c0110334d70edb9d1fe libwinpr-debuginfo-2.11.7-1.el9_7.7.i686.rpm SHA-256: 20f1a1148f937e9250a0770b3b7b60a05e8ba9c5c5c0a375dfec85eb2d6bd38a libwinpr-debuginfo-2.11.7-1.el9_7.7.x86_64.rpm SHA-256: 1500b1d7634c39b32a5afbff39b8cd40bd3a84f03b91dd2e3b10001b6a9198bd Red Hat Enterprise Linux for IBM z Systems 9 SRPM freerdp-2.11.7-1.el9_7.7.src.rpm SHA-256: 37330e33126dc703be96772afad477990e8871f58f64f16c9244e8c08e5e8798 s390x freerdp-2.11.7-1.el9_7.7.s390x.rpm SHA-256: 75d155d8cfb04ea8f7a5f3215d0fb420152c67b74d7db7ca08af8033becf399f freerdp-debuginfo-2.11.7-1.el9_7.7.s390x.rpm SHA-256: 69353c585fb23a1c841b349634e03c027e881a87eceabb7c477ce52480e1861b freerdp-debugsource-2.11.7-1.el9_7.7.s390x.rpm SHA-256: 14bd38f86c69c6a3720560c4c854ccc80e7b677d4d08d00c0341beafb2ecbef1 freerdp-libs-2.11.7-1.el9_7.7.s390x.rpm SHA-256: 371ffe5f457e8174dfe212eea8c2e6df2d5ae8ad3306e5ec542640686831a9c8 freerdp-libs-debuginfo-2.11.7-1.el9_7.7.s390x.rpm SHA-256: 83289df9576ab09b5bb509419915d5fbcc0723e0597471272d7ceb349eb3167f libwinpr-2.11.7-1.el9_7.7.s390x.rpm SHA-256: d61848fc82b10d74792af5fbae48e035ab005489ce0d88aa8b15f710b1109d07 libwinpr-debuginfo-2.11.7-1.el9_7.7.s390x.rpm SHA-256: 173429c27ca4b7c545e8d145ffbabe956b9245c932d60c1795f381f72a2c3770 Red Hat Enterprise Linux for Power, little endian 9 SRPM freerdp-2.11.7-1.el9_7.7.src.rpm SHA-256: 37330e33126dc703be96772afad477990e8871f58f64f16c9244e8c08e5e8798 ppc64le freerdp-2.11.7-1.el9_7.7.ppc64le.rpm SHA-256: 86ac9b12fb63f9476af2e367ff1a9b8ba03ca97d0dc4c9a1b1fded57b917f0a7 freerdp-debuginfo-2.11.7-1.el9_7.7.ppc64le.rpm SHA-256: 27be594e50a73cdfed7992f2d9466b1fd64283ffdebf00f8425f82655148459b freerdp-debugsource-2.11.7-1.el9_7.7.ppc64le.rpm SHA-256: 0a76b6f7615dd6aa47e7270aa3aa3f56c2582be40416453866f1c021cc646b70 freerdp-libs-2.11.7-1.el9_7.7.ppc64le.rpm SHA-256: 543cacd7c5ce871ecd2a19f3e4bc7ddb5cbcca9d94c02d5dcc0267c17cba9918 freerdp-libs-debuginfo-2.11.7-1.el9_7.7.ppc64le.rpm SHA-256: ab5967840ff83b86da0040e7572998186ffe3ed5c3d3a582adcf7de223201f54 libwinpr-2.11.7-1.el9_7.7.ppc64le.rpm SHA-256: 01d19c0b7ebc529910cb9fdc57657f8f307572b4fc90bc6bf13138eefc819a87 libwinpr-debuginfo-2.11.7-1.el9_7.7.ppc64le.rpm SHA-256: da77215c9cebc89a5e04db0cca503d0e6c8fd3177eb8f100bdf1e25cc3f36fa1 Red Hat Enterprise Linux for ARM 64 9 SRPM freerdp-2.11.7-1.el9_7.7.src.rpm SHA-256: 37330e33126dc703be96772afad477990e8871f58f64f16c9244e8c08e5e8798 aarch64 freerdp-2.11.7-1.el9_7.7.aarch64.rpm SHA-256: 41dbcf22344c7b36f38d81b11116929ebafdf0b6fcd3e769aeca23036e346e1e freerdp-debuginfo-2.11.7-1.el9_7.7.aarch64.rpm SHA-256: da6953ecd996af97e0cf8e3f90b790a14d028dcc8a737f53dc78be4ee5ab1fe4 freerdp-debugsource-2.11.7-1.el9_7.7.aarch64.rpm SHA-256: 1c96d24fc192c03bbec9c479a3c1e1bde429da57a5f8108bb9153e007a0df677 freerdp-libs-2.11.7-1.el9_7.7.aarch64.rpm SHA-256: 94cff6f376f47e0e17fdb4c9d0a64c6245bf4860ad76a1e070348131ca5a053b freerdp-libs-debuginfo-2.11.7-1.el9_7.7.aarch64.rpm SHA-256: 8ee402a82eac55f92b1250fc06e9ab57230dd10d6191c1d9472ff2d462bc5343 libwinpr-2.11.7-1.el9_7.7.aarch64.rpm SHA-256: 76f1f27c87df77f7ca01837ee7425f316160789497ae7ecd6f2ba2a459340b19 libwinpr-debuginfo-2.11.7-1.el9_7.7.aarch64.rpm SHA-256: f65e63ecd20c439b01bc24586c70dbfabfbbe2b88a6316950981ccb80b84de7a Red Hat CodeReady Linux Builder for x86_64 9 SRPM x86_64 freerdp-debuginfo-2.11.7-1.el9_7.7.i686.rpm SHA-256: 739f376de91dfd3ad2e65843683079fd1e6f3bfab40b62655b0bc9c3175fe5ec freerdp-debuginfo-2.11.7-1.el9_7.7.x86_64.rpm SHA-256: 71596ee53619c8eabd8eeed623e63b13ece9bb38a2c9b058b265058f2bec897d freerdp-debugsource-2.11.7-1.el9_7.7.i686.rpm SHA-256: cea36df11acf613302943a2ebadd22f5a4f62d617a8e8179d5538af38e63253e freerdp-debugsource-2.11.7-1.el9_7.7.x86_64.rpm SHA-256: e041cb827903940fb22c8905f6e83f9824c6b07bc2f6dd2c69657b4fddbd0fc6 freerdp-devel-2.11.7-1.el9_7.7.i686.rpm SHA-256: e3ae4f40954cdc195c9f3d14ccde88d5288e3d47a4590212af01db61def3d018 freerdp-devel-2.11.7-1.el9_7.7.x86_64.rpm SHA-256: 3156d9a6fbc6fdbe3b4f6152194ebc821e4ae30f6de5f25892bb7a1c35e515cc freerdp-libs-debuginfo-2.11.7-1.el9_7.7.i686.rpm SHA-256: 986c310f96a524d60fc83e7825103f338500d99e229e3e9e1228d3291aea8259 freerdp-libs-debuginfo-2.11.7-1.el9_7.7.x86_64.rpm SHA-256: bc871105a207e439ae8e189137508e706a1e568522f9546427158f65ca66c320 libwinpr-debuginfo-2.11.7-1.el9_7.7.i686.rpm SHA-256: 20f1a1148f937e9250a0770b3b7b60a05e8ba9c5c5c0a375dfec85eb2d6bd38a libwinpr-debuginfo-2.11.7-1.el9_7.7.x86_64.rpm SHA-256: 1500b1d7634c39b32a5afbff39b8cd40bd3a84f03b91dd2e3b10001b6a9198bd libwinpr-devel-2.11.7-1.el9_7.7.i686.rpm SHA-256: bac9d3d2c9d17d5a72e05b75acd463fe912f6d0559a968f0ddf23121020b40da libwinpr-devel-2.11.7-1.el9_7.7.x86_64.rpm SHA-256: fb7087bf6ceec4a6428592b5a1bbd3c6ef22f4e7648ad742fb6beb95c68c1ced Red Hat CodeReady Linux Builder for Power, little endian 9 SRPM ppc64le freerdp-debuginfo-2.11.7-1.el9_7.7.ppc64l