Red Hat Product Errata RHSA-2026:19142 - Security Advisory Issued: 2026-05-19 Updated: 2026-05-19 RHSA-2026:19142 - Security Advisory Overview Updated Packages Synopsis Moderate: freerdp security update Type/Severity Security Advisory: Moderate Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for freerdp is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fix(es): freerdp: FreeRDP: Denial of service via heap use-after-free during auto-reconnect (CVE-2026-25997) freerdp: FreeRDP: Denial of service due to use-after-free vulnerability (CVE-2026-25952) freerdp: FreeRDP: Denial of Service via double free vulnerability during disconnect (CVE-2026-26986) freerdp: FreeRDP has a heap-buffer-overflow in bitmap_cache_put via OOB cacheId (CVE-2026-29775) freerdp: FreeRDP has an out-of-bounds read in ADPCM decoders due to missing predictor/step_index bounds checks (CVE-2026-31885) freerdp: FreeRDP has a division-by-zero in ADPCM decoders when `nBlockAlign` is 0 (CVE-2026-31884) freerdp: FreeRDP: Denial of Service via crafted audio data in RDP (CVE-2026-31883) FreeRDP: FreeRDP: Information disclosure via heap memory out of bounds read (CVE-2026-33985) FreeRDP: FreeRDP: Information disclosure and denial of service via heap-buffer-overflow read (CVE-2026-33982) FreeRDP: FreeRDP: Memory corruption vulnerability allows denial of service or arbitrary code execution (CVE-2026-33987) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 10 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 x86_64 Red Hat Enterprise Linux for IBM z Systems 10 s390x Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2 s390x Red Hat Enterprise Linux for Power, little endian 10 ppc64le Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2 ppc64le Red Hat Enterprise Linux for ARM 64 10 aarch64 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2 aarch64 Red Hat CodeReady Linux Builder for x86_64 10 x86_64 Red Hat CodeReady Linux Builder for Power, little endian 10 ppc64le Red Hat CodeReady Linux Builder for ARM 64 10 aarch64 Red Hat CodeReady Linux Builder for IBM z Systems 10 s390x Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.2 x86_64 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.2 ppc64le Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.2 s390x Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.2 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.2 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.2 s390x Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.2 ppc64le Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.2 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 10.2 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 10.2 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 10.2 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 10.2 s390x Fixes BZ - 2442764 - CVE-2026-25997 freerdp: FreeRDP: Denial of service via heap use-after-free during auto-reconnect BZ - 2442768 - CVE-2026-25952 freerdp: FreeRDP: Denial of service due to use-after-free vulnerability BZ - 2442782 - CVE-2026-26986 freerdp: FreeRDP: Denial of Service via double free vulnerability during disconnect BZ - 2447379 - CVE-2026-29775 freerdp: FreeRDP has a heap-buffer-overflow in bitmap_cache_put via OOB cacheId BZ - 2447383 - CVE-2026-31885 freerdp: FreeRDP has an out-of-bounds read in ADPCM decoders due to missing predictor/step_index bounds checks BZ - 2447385 - CVE-2026-31884 freerdp: FreeRDP has a division-by-zero in ADPCM decoders when `nBlockAlign` is 0 BZ - 2447386 - CVE-2026-31883 freerdp: FreeRDP: Denial of Service via crafted audio data in RDP BZ - 2453217 - CVE-2026-33985 FreeRDP: FreeRDP: Information disclosure via heap memory out of bounds read BZ - 2453218 - CVE-2026-33982 FreeRDP: FreeRDP: Information disclosure and denial of service via heap-buffer-overflow read BZ - 2453226 - CVE-2026-33987 FreeRDP: FreeRDP: Memory corruption vulnerability allows denial of service or arbitrary code execution CVEs CVE-2026-25952 CVE-2026-25997 CVE-2026-26986 CVE-2026-29775 CVE-2026-31883 CVE-2026-31884 CVE-2026-31885 CVE-2026-33982 CVE-2026-33985 CVE-2026-33987 References https://access.redhat.com/security/updates/classification/#moderate Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 10 SRPM freerdp-3.10.3-12.el10_2.5.src.rpm SHA-256: 34d0047cb32377fca0181c10f58765085f2045b2e4c6ac823c404ec205fd1eb0 x86_64 freerdp-3.10.3-12.el10_2.5.x86_64.rpm SHA-256: 14b3f69c98e2e45f25806917c25c527f279e17d3575dce50bd51318198a9ac91 freerdp-debuginfo-3.10.3-12.el10_2.5.x86_64.rpm SHA-256: 6858a335ba3bbf0a7adaa201a8ffaa2780bb57a24813f174f32448a82cbe91e7 freerdp-debugsource-3.10.3-12.el10_2.5.x86_64.rpm SHA-256: 331d9671b91a63bc590d4931b6cff4450bf695a71b3685194d983a29cc40f887 freerdp-libs-3.10.3-12.el10_2.5.x86_64.rpm SHA-256: a5174a9cf7b2f64d5e10659171f6e907ef7d9f86cdfea7e0aca44a30e87bd920 freerdp-libs-debuginfo-3.10.3-12.el10_2.5.x86_64.rpm SHA-256: b9be4f52516b83cb322c5357010ed3e70c4cd96fd2236416db14638fa2039a59 freerdp-server-debuginfo-3.10.3-12.el10_2.5.x86_64.rpm SHA-256: 43d94c82a1339fa64aad1bdeeaddc47be7b01377f8fe19829ac815de32e729ad libwinpr-3.10.3-12.el10_2.5.x86_64.rpm SHA-256: 3498b41854b7458a7bbd87ee61ad9043869a46d4fb8072ea5ca6343407c7ec74 libwinpr-debuginfo-3.10.3-12.el10_2.5.x86_64.rpm SHA-256: d231a919d025f9b05bd24e13de93a8e69f15c1091aa577775cf32f187bad6e8c Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 SRPM freerdp-3.10.3-12.el10_2.5.src.rpm SHA-256: 34d0047cb32377fca0181c10f58765085f2045b2e4c6ac823c404ec205fd1eb0 x86_64 freerdp-3.10.3-12.el10_2.5.x86_64.rpm SHA-256: 14b3f69c98e2e45f25806917c25c527f279e17d3575dce50bd51318198a9ac91 freerdp-debuginfo-3.10.3-12.el10_2.5.x86_64.rpm SHA-256: 6858a335ba3bbf0a7adaa201a8ffaa2780bb57a24813f174f32448a82cbe91e7 freerdp-debugsource-3.10.3-12.el10_2.5.x86_64.rpm SHA-256: 331d9671b91a63bc590d4931b6cff4450bf695a71b3685194d983a29cc40f887 freerdp-libs-3.10.3-12.el10_2.5.x86_64.rpm SHA-256: a5174a9cf7b2f64d5e10659171f6e907ef7d9f86cdfea7e0aca44a30e87bd920 freerdp-libs-debuginfo-3.10.3-12.el10_2.5.x86_64.rpm SHA-256: b9be4f52516b83cb322c5357010ed3e70c4cd96fd2236416db14638fa2039a59 freerdp-server-debuginfo-3.10.3-12.el10_2.5.x86_64.rpm SHA-256: 43d94c82a1339fa64aad1bdeeaddc47be7b01377f8fe19829ac815de32e729ad libwinpr-3.10.3-12.el10_2.5.x86_64.rpm SHA-256: 3498b41854b7458a7bbd87ee61ad9043869a46d4fb8072ea5ca6343407c7ec74 libwinpr-debuginfo-3.10.3-12.el10_2.5.x86_64.rpm SHA-256: d231a919d025f9b05bd24e13de93a8e69f15c1091aa577775cf32f187bad6e8c Red Hat Enterprise Linux for IBM z Systems 10 SRPM freerdp-3.10.3-12.el10_2.5.src.rpm SHA-256: 34d0047cb32377fca0181c10f58765085f2045b2e4c6ac823c404ec205fd1eb0 s390x freerdp-3.10.3-12.el10_2.5.s390x.rpm SHA-256: b0c6db4b5145d6e3c6414ac4d344b8aefe4bac8a83599eb0c018f304b4a212b1 freerdp-debuginfo-3.10.3-12.el10_2.5.s390x.rpm SHA-256: 50bb22d6c9e2c5fef89e7639b963fd96ecb01ce4734b9b629760b23f4847e61b freerdp-debugsource-3.10.3-12.el10_2.5.s390x.rpm SHA-256: 978dd8772de0a8013b83f5c67d44acfac60d6ac33aeb8ce05e43e4fc5733cf4d freerdp-libs-3.10.3-12.el10_2.5.s390x.rpm SHA-256: 975c7796e1ca64017b17dd694320f6950d2af0c9fbc26cc49890b3be68df0fba freerdp-libs-debuginfo-3.10.3-12.el10_2.5.s390x.rpm SHA-256: a317e40a9618f2b7ef16fa4d3adaa408b30f984f73ed53272d95f0cbca8893df freerdp-server-debuginfo-3.10.3-12.el10_2.5.s390x.rpm SHA-256: 276c8d7a56d1343591d67c2c695c4a2f24e66fb98f5d171193882217322a6019 libwinpr-3.10.3-12.el10_2.5.s390x.rpm SHA-256: 170c1af237b8ae92b4f1a81cdee904e18b026786bd266c9ccf90aec90d4dec32 libwinpr-debuginfo-3.10.3-12.el10_2.5.s390x.rpm SHA-256: bf410d811b77d21a7870c94f08a5236840dd1aeb4827cf0e9771ea74ea923b9e Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2 SRPM freerdp-3.10.3-12.el10_2.5.src.rpm SHA-256: 34d0047cb32377fca0181c10f58765085f2045b2e4c6ac823c404ec205fd1eb0 s390x freerdp-3.10.3-12.el10_2.5.s390x.rpm SHA-256: b0c6db4b5145d6e3c6414ac4d344b8aefe4bac8a83599eb0c018f304b4a212b1 freerdp-debuginfo-3.10.3-12.el10_2.5.s390x.rpm SHA-256: 50bb22d6c9e2c5fef89e7639b963fd96ecb01ce4734b9b629760b23f4847e61b freerdp-debugsource-3.10.3-12.el10_2.5.s390x.rpm SHA-256: 978dd8772de0a8013b83f5c67d44acfac60d6ac33aeb8ce05e43e4fc5733cf4d freerdp-libs-3.10.3-12.el10_2.5.s390x.rpm SHA-256: 975c7796e1ca64017b17dd694320f6950d2af0c9fbc26cc49890b3be68df0fba freerdp-libs-debuginfo-3.10.3-12.el10_2.5.s390x.rpm SHA-256: a317e40a9618f2b7ef16fa4d3adaa408b30f984f73ed53272d95f0cbca8893df freerdp-server-debuginfo-3.10.3-12.el10_2.5.s390x.rpm SHA-256: 276c8d7a56d1343591d67c2c695c4a2f24e66fb98f5d171193882217322a6019 libwinpr-3.10.3-12.el10_2.5.s390x.rpm SHA-256: 170c1af237b8ae92b4f1a81cdee904e18b026786bd266c9ccf90aec90d4dec32 libwinpr-debuginfo-3.10.3-12.el10_2.5.