Red Hat Product Errata RHSA-2026:20546 - Security Advisory Issued: 2026-05-26 Updated: 2026-05-26 RHSA-2026:20546 - Security Advisory Overview Updated Packages Synopsis Moderate: freerdp security update Type/Severity Security Advisory: Moderate Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for freerdp is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fix(es): freerdp: FreeRDP: Denial of service due to use-after-free vulnerability (CVE-2026-25952) freerdp: FreeRDP: Denial of Service via double free vulnerability during disconnect (CVE-2026-26986) freerdp: FreeRDP: Denial of Service via endless blocking loop in Stream_EnsureCapacity (CVE-2026-27951) freerdp: FreeRDP has a heap-buffer-overflow in bitmap_cache_put via OOB cacheId (CVE-2026-29775) freerdp: FreeRDP has an out-of-bounds read in ADPCM decoders due to missing predictor/step_index bounds checks (CVE-2026-31885) freerdp: FreeRDP has a division-by-zero in ADPCM decoders when `nBlockAlign` is 0 (CVE-2026-31884) freerdp: FreeRDP: Denial of Service via crafted audio data in RDP (CVE-2026-31883) FreeRDP: FreeRDP: Information disclosure via heap memory out of bounds read (CVE-2026-33985) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux Server - Extended Life Cycle Support 7 x86_64 Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7 s390x Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7 ppc64 Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7 ppc64le Fixes BZ - 2442768 - CVE-2026-25952 freerdp: FreeRDP: Denial of service due to use-after-free vulnerability BZ - 2442782 - CVE-2026-26986 freerdp: FreeRDP: Denial of Service via double free vulnerability during disconnect BZ - 2442783 - CVE-2026-27951 freerdp: FreeRDP: Denial of Service via endless blocking loop in Stream_EnsureCapacity BZ - 2447379 - CVE-2026-29775 freerdp: FreeRDP has a heap-buffer-overflow in bitmap_cache_put via OOB cacheId BZ - 2447383 - CVE-2026-31885 freerdp: FreeRDP has an out-of-bounds read in ADPCM decoders due to missing predictor/step_index bounds checks BZ - 2447385 - CVE-2026-31884 freerdp: FreeRDP has a division-by-zero in ADPCM decoders when `nBlockAlign` is 0 BZ - 2447386 - CVE-2026-31883 freerdp: FreeRDP: Denial of Service via crafted audio data in RDP BZ - 2453217 - CVE-2026-33985 FreeRDP: FreeRDP: Information disclosure via heap memory out of bounds read CVEs CVE-2026-25952 CVE-2026-26986 CVE-2026-27951 CVE-2026-29775 CVE-2026-31883 CVE-2026-31884 CVE-2026-31885 CVE-2026-33985 References https://access.redhat.com/security/updates/classification/#moderate Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Server - Extended Life Cycle Support 7 SRPM freerdp-2.1.1-5.el7_9.9.src.rpm SHA-256: aff9724748c21c78cc910b4d7faa8d64ccb0aa60cac9a1550577bc00f3d0ac9c x86_64 freerdp-2.1.1-5.el7_9.9.x86_64.rpm SHA-256: dcd477cbe13337f0e8cb6f1f6298b068eda98cc1778b48eed0f511a0215bf480 freerdp-debuginfo-2.1.1-5.el7_9.9.i686.rpm SHA-256: d06f539f990792cd2719837fe39c16495e389a537fa7d635e1cdba71fe743c5c freerdp-debuginfo-2.1.1-5.el7_9.9.i686.rpm SHA-256: d06f539f990792cd2719837fe39c16495e389a537fa7d635e1cdba71fe743c5c freerdp-debuginfo-2.1.1-5.el7_9.9.x86_64.rpm SHA-256: 52c7ff5f5e89ea425ad397eaf195ab9e0239bd16d67a4dbebc430fa7e19268fa freerdp-debuginfo-2.1.1-5.el7_9.9.x86_64.rpm SHA-256: 52c7ff5f5e89ea425ad397eaf195ab9e0239bd16d67a4dbebc430fa7e19268fa freerdp-devel-2.1.1-5.el7_9.9.i686.rpm SHA-256: b134603dd6e87fcf05f1fb139e648b8d22093c5c1c4bd6327cf7790a36555e54 freerdp-devel-2.1.1-5.el7_9.9.x86_64.rpm SHA-256: 086aece577be1b4fdd9eec0ec10e56e47d8ef3e91d4bd3a1e077bc065cc05986 freerdp-libs-2.1.1-5.el7_9.9.i686.rpm SHA-256: 1d1a313f6ab063ee058f5d4dd6ba4781312f7853851bc5cc892a33919540a1e4 freerdp-libs-2.1.1-5.el7_9.9.x86_64.rpm SHA-256: 2d93adf23a4bdbd1ba03e36da4770c8f69baf210dc039e8a90372062e755400c libwinpr-2.1.1-5.el7_9.9.i686.rpm SHA-256: 0143bd8c018eac5fe445990fc5dd49035ddaef3d3d36a029a843e6a9505aaa43 libwinpr-2.1.1-5.el7_9.9.x86_64.rpm SHA-256: f63b11f3d9b3f2aea8d00d962914c805b57ca7000b2ff983bb82eaec2ef1f36a libwinpr-devel-2.1.1-5.el7_9.9.i686.rpm SHA-256: 48ae6b63c3b34564dd1f68a72e693e5f068c669316426839237896016d95e8ef libwinpr-devel-2.1.1-5.el7_9.9.x86_64.rpm SHA-256: 43d0ed3365aaa500cc42de6a9bb6169418054031863e1430d94b3c61dce204b7 Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7 SRPM freerdp-2.1.1-5.el7_9.9.src.rpm SHA-256: aff9724748c21c78cc910b4d7faa8d64ccb0aa60cac9a1550577bc00f3d0ac9c s390x freerdp-2.1.1-5.el7_9.9.s390x.rpm SHA-256: 4cbb1e0553880403eadc599ab7d63be401b3999de7de9df9d1cbbdb65c6756a1 freerdp-debuginfo-2.1.1-5.el7_9.9.s390.rpm SHA-256: 769727cb6531f836453d0657146264d510544bedd0e0b504585f85c533753ade freerdp-debuginfo-2.1.1-5.el7_9.9.s390.rpm SHA-256: 769727cb6531f836453d0657146264d510544bedd0e0b504585f85c533753ade freerdp-debuginfo-2.1.1-5.el7_9.9.s390x.rpm SHA-256: 952bae24585c13f931004852981983e1ab25fed670aaf8fc4dc42fe6a1357685 freerdp-debuginfo-2.1.1-5.el7_9.9.s390x.rpm SHA-256: 952bae24585c13f931004852981983e1ab25fed670aaf8fc4dc42fe6a1357685 freerdp-devel-2.1.1-5.el7_9.9.s390.rpm SHA-256: 602b7af08fb3d0f91ce2af4c3a4b03221970c0ccfaf4afe9d74b054862c4563f freerdp-devel-2.1.1-5.el7_9.9.s390x.rpm SHA-256: 75cd2b2e10edd8642b95605afa08ace925b999420e0a9b3d7cbc46fd4cd6569f freerdp-libs-2.1.1-5.el7_9.9.s390.rpm SHA-256: 9011e79acbc89a0a769fdc3e4ca1bedad3b9f3eed05ba61a3435b0ad7df77969 freerdp-libs-2.1.1-5.el7_9.9.s390x.rpm SHA-256: b82ba67db33b20a1a2e73cd627547dd3af11d55add5159bfd9a3606ab5d47e5f libwinpr-2.1.1-5.el7_9.9.s390.rpm SHA-256: 07792b9d206563f05cc964928c24a142d786d3165221e687b850b84fd80f5f5d libwinpr-2.1.1-5.el7_9.9.s390x.rpm SHA-256: a3121ca7d389bbf0d5e7336c1a062f9752ce1ec03f120e8c79a0711af9e50e8f libwinpr-devel-2.1.1-5.el7_9.9.s390.rpm SHA-256: cd34dcf2d27a5511b3b8e7c8bf8d1cb0f6a1d3a1a6e0f4ab6421fbe1ba1cd671 libwinpr-devel-2.1.1-5.el7_9.9.s390x.rpm SHA-256: f14b428724e0c89590a8e143c9a64a4d51a3a06cbea560dfd0b38c3072cc7407 Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7 SRPM freerdp-2.1.1-5.el7_9.9.src.rpm SHA-256: aff9724748c21c78cc910b4d7faa8d64ccb0aa60cac9a1550577bc00f3d0ac9c ppc64 freerdp-2.1.1-5.el7_9.9.ppc64.rpm SHA-256: 27b98a090c887ac15db8a4eb78fdb6f5bae13a35e9a6b36e380b058d179d4743 freerdp-debuginfo-2.1.1-5.el7_9.9.ppc.rpm SHA-256: 7376ab3ddb6e0fae61fc487a790defc1875a174b0d0e18a30dd70d4217c4829d freerdp-debuginfo-2.1.1-5.el7_9.9.ppc.rpm SHA-256: 7376ab3ddb6e0fae61fc487a790defc1875a174b0d0e18a30dd70d4217c4829d freerdp-debuginfo-2.1.1-5.el7_9.9.ppc64.rpm SHA-256: ef2a2fe66279ed4f1e8d9b597ec950457da9e78bd459e5c1c0715bfc055b4ae3 freerdp-debuginfo-2.1.1-5.el7_9.9.ppc64.rpm SHA-256: ef2a2fe66279ed4f1e8d9b597ec950457da9e78bd459e5c1c0715bfc055b4ae3 freerdp-devel-2.1.1-5.el7_9.9.ppc.rpm SHA-256: b4e448876daa9c667179a9d45b8cabffb11b5f9103ffde712832ee169669ebb3 freerdp-devel-2.1.1-5.el7_9.9.ppc64.rpm SHA-256: 5581b9d60fca9e2e4167e06910da0ffa329a68bc50f1395e71e9603882f90a2b freerdp-libs-2.1.1-5.el7_9.9.ppc.rpm SHA-256: 61a4520c18cf5fae813d12202de2e26b5e97abcae9ec2fc33be456647dd810d1 freerdp-libs-2.1.1-5.el7_9.9.ppc64.rpm SHA-256: 7f0f553ef9261d8caa142a05264b946ebfd3c433004b1a1ffbf297f453e05f73 libwinpr-2.1.1-5.el7_9.9.ppc.rpm SHA-256: 4932edc22d14e7342e972907799d5b236948374868c1e90ce77c6be706e717c1 libwinpr-2.1.1-5.el7_9.9.ppc64.rpm SHA-256: 2d40660c8355e4c85c0a245ba3d01368b35586d10bbecc2e10f2cbc0140f17cb libwinpr-devel-2.1.1-5.el7_9.9.ppc.rpm SHA-256: f50746d787734741a81d64b346d3b9b8940ab5a9f5401256b69c59af132f1170 libwinpr-devel-2.1.1-5.el7_9.9.ppc64.rpm SHA-256: 841832d66e9da98b79ab128a0b95310e81c838f312a505105a7cf5893a1e15a2 Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7 SRPM freerdp-2.1.1-5.el7_9.9.src.rpm SHA-256: aff9724748c21c78cc910b4d7faa8d64ccb0aa60cac9a1550577bc00f3d0ac9c ppc64le freerdp-2.1.1-5.el7_9.9.ppc64le.rpm SHA-256: ea9f63ef8b43646da23df9b9a68497a2fe3015fc0bb9df686326daffcdb1c2cd freerdp-debuginfo-2.1.1-5.el7_9.9.ppc64le.rpm SHA-256: bc425081dcf839b96fefd314c0c95d2dfc696a9c1df898e3eca18f3a366d1d2f freerdp-debuginfo-2.1.1-5.el7_9.9.ppc64le.rpm SHA-256: bc425081dcf839b96fefd314c0c95d2dfc696a9c1df898e3eca18f3a366d1d2f freerdp-devel-2.1.1-5.el7_9.9.ppc64le.rpm SHA-256: 88748461a9d7402c5b812af5b77ecfe51881b7b3af960af55bde2507ed4629ed freerdp-libs-2.1.1-5.el7_9.9.ppc64le.rpm SHA-256: 2c5d232150b0029b48b4abdfe29cc41d73c26731219839123810e8b23642b017 libwinpr-2.1.1-5.el7_9.9.ppc64le.rpm SHA-256: ad1d6fc9c465af2c290ef8bed047fd1a6115edd358fbac31ba6f2f54c3716617 libwinpr-devel-2.1.1-5.el7_9.9.ppc64le.rpm SHA-256: 7607a39a8760d8cd5c6403beaf95a2f0ef6c367e964b30cd4a3cb6c78e8ee36f The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .