Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-23948 (GCVE-0-2026-23948)
Vulnerability from cvelistv5 – Published: 2026-02-09 18:12 – Updated: 2026-02-10 16:02
VLAI
EPSS
Title
FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()
Summary
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, a NULL pointer dereference vulnerability in rdp_write_logon_info_v2() allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0. This vulnerability is fixed in 3.22.0.
Severity
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/FreeRDP/FreeRDP/security/advis… | x_refsource_CONFIRM |
| https://github.com/FreeRDP/FreeRDP/commit/4d44e3c… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23948",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-10T15:40:14.620862Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-10T16:02:38.268Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "FreeRDP",
"vendor": "FreeRDP",
"versions": [
{
"status": "affected",
"version": "\u003c 3.22.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, a NULL pointer dereference vulnerability in rdp_write_logon_info_v2() allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0. This vulnerability is fixed in 3.22.0."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-09T18:12:00.737Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6f3c-qvqq-2px5",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6f3c-qvqq-2px5"
},
{
"name": "https://github.com/FreeRDP/FreeRDP/commit/4d44e3c097656a8b9ec696353647b0888ca45860",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/FreeRDP/FreeRDP/commit/4d44e3c097656a8b9ec696353647b0888ca45860"
}
],
"source": {
"advisory": "GHSA-6f3c-qvqq-2px5",
"discovery": "UNKNOWN"
},
"title": "FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-23948",
"datePublished": "2026-02-09T18:12:00.737Z",
"dateReserved": "2026-01-19T14:49:06.312Z",
"dateUpdated": "2026-02-10T16:02:38.268Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-23948",
"date": "2026-05-28",
"epss": "0.00022",
"percentile": "0.06456"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-23948\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-02-09T19:15:47.627\",\"lastModified\":\"2026-02-10T15:09:11.707\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, a NULL pointer dereference vulnerability in rdp_write_logon_info_v2() allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0. This vulnerability is fixed in 3.22.0.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":6.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"LOW\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.22.0\",\"matchCriteriaId\":\"9E363251-2275-4F89-B397-67FE461B63A0\"}]}]}],\"references\":[{\"url\":\"https://github.com/FreeRDP/FreeRDP/commit/4d44e3c097656a8b9ec696353647b0888ca45860\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6f3c-qvqq-2px5\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-23948\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-02-10T15:40:14.620862Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-02-10T15:40:15.305Z\"}}], \"cna\": {\"title\": \"FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()\", \"source\": {\"advisory\": \"GHSA-6f3c-qvqq-2px5\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 6.9, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"LOW\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"FreeRDP\", \"product\": \"FreeRDP\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 3.22.0\"}]}], \"references\": [{\"url\": \"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6f3c-qvqq-2px5\", \"name\": \"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6f3c-qvqq-2px5\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/FreeRDP/FreeRDP/commit/4d44e3c097656a8b9ec696353647b0888ca45860\", \"name\": \"https://github.com/FreeRDP/FreeRDP/commit/4d44e3c097656a8b9ec696353647b0888ca45860\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, a NULL pointer dereference vulnerability in rdp_write_logon_info_v2() allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0. This vulnerability is fixed in 3.22.0.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-476\", \"description\": \"CWE-476: NULL Pointer Dereference\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-02-09T18:12:00.737Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-23948\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-02-10T16:02:38.268Z\", \"dateReserved\": \"2026-01-19T14:49:06.312Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-02-09T18:12:00.737Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2026:9641
Vulnerability from csaf_redhat - Published: 2026-04-22 07:54 - Updated: 2026-05-19 15:37Summary
Red Hat Security Advisory: freerdp security update
Severity
Important
Notes
Topic: An update for freerdp is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.
Security Fix(es):
* freerdp: FreeRDP heap-use-after-free (CVE-2026-22856)
* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22854)
* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22852)
* freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow (CVE-2026-23732)
* freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation (CVE-2026-24676)
* freerdp: FreeRDP has a heap-use-after-free in video_timer (CVE-2026-24491)
* freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2() (CVE-2026-23948)
* freerdp: FreeRDP has a Heap-use-after-free in play_thread (CVE-2026-24684)
* freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb (CVE-2026-24681)
* freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface (CVE-2026-24679)
* freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface (CVE-2026-24675)
* freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages (CVE-2026-31806)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A heap based buffer overflow has been discovered in FreeRDP. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input (AUDIN) format lists. audin_process_formats reuses callback->formats_count across multiple MSG_SNDIN_FORMATS PDUs and writes past the newly allocated formats array, causing memory corruption and a crash.
5.6 (Medium)
Affected products
Fixed
35 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory.
8.1 (High)
Affected products
Fixed
35 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A heap use after free flaw has been discovered in FreeRDP. A race in the serial channel IRP thread tracking allows a heap use‑after‑free when one thread removes an entry from serial->IrpThreads while another reads it.
8.1 (High)
Affected products
Fixed
35 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in FreeRDP. A malicious server can exploit a vulnerability in FastGlyph parsing, which improperly trusts data length without sufficient validation. This can lead to a client-side global buffer overflow, resulting in a denial of service (DoS) due to a crash. For this vulnerability to be exploited, a client must connect to a maliciously-configured server.
6.5 (Medium)
Affected products
Fixed
35 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A null pointer dereference has been discovered in FreeRDP. A NULL pointer dereference vulnerability in rdp_write_logon_info_v2() allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0.
5.3 (Medium)
Affected products
Fixed
35 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A use after free flaw has been discovered in FreeRDP. The video_timer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. A malicious server can trigger a client‑side heap use after free causing a crash (DoS).
5.3 (Medium)
Affected products
Fixed
35 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A heap buffer use after free has been discovered in FreeRDP. urb_select_interface can free the device's MS config on error but later code still dereferences it, leading to a use after free in libusb_udev_select_interface.
5.3 (Medium)
Affected products
Fixed
35 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A use after free flaw was found in FreeRDP. AUDIN format renegotiation frees the active format list while the capture thread continues using audin->format, leading to a use after free in audio_format_compatible. A malicious server can trigger a client‑side heap use after free causing a crash.
5.3 (Medium)
Affected products
Fixed
35 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A heap buffer overflow has been discovered in FreeRDP. The URBDRC client uses server-supplied interface numbers as array indices without bounds checks, causing an out-of-bounds read in libusb_udev_select_interface.
5.3 (Medium)
Affected products
Fixed
35 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A heap buffer use after free has been discovered in FreeRDP. Asynchronous bulk transfer completions can use a freed channel callback after URBDRC channel close, leading to a use after free in urb_write_completion.
5.3 (Medium)
Affected products
Fixed
35 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A heap use after free has been discovered in FreeRDP. The RDPSND async playback thread can process queued PDUs after the channel is closed and internal state is freed, leading to a use after free in rdpsnd_treat_wave.
5.3 (Medium)
Affected products
Fixed
35 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol (RDP). The `gdi_surface_bits()` function, which processes `SURFACE_BITS_COMMAND` messages, does not properly validate image dimensions (`bmp.width` and `bmp.height`) provided by a malicious RDP server. This can lead to a heap buffer overflow during bitmap decoding and memory operations. A remote attacker could exploit this to overwrite adjacent memory, potentially resulting in arbitrary code execution.
8.8 (High)
Affected products
Fixed
35 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
References
90 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for freerdp is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.\n\nSecurity Fix(es):\n\n* freerdp: FreeRDP heap-use-after-free (CVE-2026-22856)\n\n* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22854)\n\n* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22852)\n\n* freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow (CVE-2026-23732)\n\n* freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation (CVE-2026-24676)\n\n* freerdp: FreeRDP has a heap-use-after-free in video_timer (CVE-2026-24491)\n\n* freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2() (CVE-2026-23948)\n\n* freerdp: FreeRDP has a Heap-use-after-free in play_thread (CVE-2026-24684)\n\n* freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb (CVE-2026-24681)\n\n* freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface (CVE-2026-24679)\n\n* freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface (CVE-2026-24675)\n\n* freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages (CVE-2026-31806)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:9641",
"url": "https://access.redhat.com/errata/RHSA-2026:9641"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2429650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429650"
},
{
"category": "external",
"summary": "2429652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429652"
},
{
"category": "external",
"summary": "2429654",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429654"
},
{
"category": "external",
"summary": "2430881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430881"
},
{
"category": "external",
"summary": "2438201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438201"
},
{
"category": "external",
"summary": "2438202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438202"
},
{
"category": "external",
"summary": "2438207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438207"
},
{
"category": "external",
"summary": "2438208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438208"
},
{
"category": "external",
"summary": "2438210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438210"
},
{
"category": "external",
"summary": "2438217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438217"
},
{
"category": "external",
"summary": "2438221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438221"
},
{
"category": "external",
"summary": "2447376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447376"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_9641.json"
}
],
"title": "Red Hat Security Advisory: freerdp security update",
"tracking": {
"current_release_date": "2026-05-19T15:37:53+00:00",
"generator": {
"date": "2026-05-19T15:37:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2026:9641",
"initial_release_date": "2026-04-22T07:54:02+00:00",
"revision_history": [
{
"date": "2026-04-22T07:54:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-22T07:54:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-19T15:37:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.2::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.4.1-6.el9_2.6.src",
"product": {
"name": "freerdp-2:2.4.1-6.el9_2.6.src",
"product_id": "freerdp-2:2.4.1-6.el9_2.6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.4.1-6.el9_2.6?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.4.1-6.el9_2.6.aarch64",
"product": {
"name": "freerdp-2:2.4.1-6.el9_2.6.aarch64",
"product_id": "freerdp-2:2.4.1-6.el9_2.6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.4.1-6.el9_2.6?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"product": {
"name": "freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"product_id": "freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.4.1-6.el9_2.6?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"product": {
"name": "libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"product_id": "libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.4.1-6.el9_2.6?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"product": {
"name": "freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"product_id": "freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.4.1-6.el9_2.6?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"product": {
"name": "freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"product_id": "freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.4.1-6.el9_2.6?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"product": {
"name": "freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"product_id": "freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.4.1-6.el9_2.6?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"product": {
"name": "libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"product_id": "libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.4.1-6.el9_2.6?arch=aarch64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"product": {
"name": "freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"product_id": "freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.4.1-6.el9_2.6?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"product": {
"name": "freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"product_id": "freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.4.1-6.el9_2.6?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"product": {
"name": "libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"product_id": "libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.4.1-6.el9_2.6?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"product": {
"name": "freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"product_id": "freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.4.1-6.el9_2.6?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"product": {
"name": "freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"product_id": "freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.4.1-6.el9_2.6?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"product": {
"name": "freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"product_id": "freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.4.1-6.el9_2.6?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"product": {
"name": "libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"product_id": "libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.4.1-6.el9_2.6?arch=ppc64le\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.4.1-6.el9_2.6.x86_64",
"product": {
"name": "freerdp-2:2.4.1-6.el9_2.6.x86_64",
"product_id": "freerdp-2:2.4.1-6.el9_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.4.1-6.el9_2.6?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"product": {
"name": "freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"product_id": "freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.4.1-6.el9_2.6?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"product": {
"name": "libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"product_id": "libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.4.1-6.el9_2.6?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"product": {
"name": "freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"product_id": "freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.4.1-6.el9_2.6?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"product": {
"name": "freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"product_id": "freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.4.1-6.el9_2.6?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"product": {
"name": "freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"product_id": "freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.4.1-6.el9_2.6?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"product": {
"name": "libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"product_id": "libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.4.1-6.el9_2.6?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"product": {
"name": "freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"product_id": "freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.4.1-6.el9_2.6?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.4.1-6.el9_2.6.i686",
"product": {
"name": "libwinpr-2:2.4.1-6.el9_2.6.i686",
"product_id": "libwinpr-2:2.4.1-6.el9_2.6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.4.1-6.el9_2.6?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"product": {
"name": "freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"product_id": "freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.4.1-6.el9_2.6?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"product": {
"name": "freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"product_id": "freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.4.1-6.el9_2.6?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"product": {
"name": "freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"product_id": "freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.4.1-6.el9_2.6?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"product": {
"name": "libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"product_id": "libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.4.1-6.el9_2.6?arch=i686\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.4.1-6.el9_2.6.s390x",
"product": {
"name": "freerdp-2:2.4.1-6.el9_2.6.s390x",
"product_id": "freerdp-2:2.4.1-6.el9_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.4.1-6.el9_2.6?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"product": {
"name": "freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"product_id": "freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.4.1-6.el9_2.6?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.4.1-6.el9_2.6.s390x",
"product": {
"name": "libwinpr-2:2.4.1-6.el9_2.6.s390x",
"product_id": "libwinpr-2:2.4.1-6.el9_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.4.1-6.el9_2.6?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"product": {
"name": "freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"product_id": "freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.4.1-6.el9_2.6?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"product": {
"name": "freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"product_id": "freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.4.1-6.el9_2.6?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"product": {
"name": "freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"product_id": "freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.4.1-6.el9_2.6?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"product": {
"name": "libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"product_id": "libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.4.1-6.el9_2.6?arch=s390x\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.4.1-6.el9_2.6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64"
},
"product_reference": "freerdp-2:2.4.1-6.el9_2.6.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.4.1-6.el9_2.6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le"
},
"product_reference": "freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.4.1-6.el9_2.6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x"
},
"product_reference": "freerdp-2:2.4.1-6.el9_2.6.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.4.1-6.el9_2.6.src as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src"
},
"product_reference": "freerdp-2:2.4.1-6.el9_2.6.src",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.4.1-6.el9_2.6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64"
},
"product_reference": "freerdp-2:2.4.1-6.el9_2.6.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64"
},
"product_reference": "freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686"
},
"product_reference": "freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le"
},
"product_reference": "freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x"
},
"product_reference": "freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
},
"product_reference": "freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64"
},
"product_reference": "freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.4.1-6.el9_2.6.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686"
},
"product_reference": "freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le"
},
"product_reference": "freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x"
},
"product_reference": "freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64"
},
"product_reference": "freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.4.1-6.el9_2.6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64"
},
"product_reference": "freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.4.1-6.el9_2.6.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686"
},
"product_reference": "freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le"
},
"product_reference": "freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.4.1-6.el9_2.6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x"
},
"product_reference": "freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.4.1-6.el9_2.6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64"
},
"product_reference": "freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64"
},
"product_reference": "freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686"
},
"product_reference": "freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le"
},
"product_reference": "freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x"
},
"product_reference": "freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
},
"product_reference": "freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.4.1-6.el9_2.6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64"
},
"product_reference": "libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.4.1-6.el9_2.6.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686"
},
"product_reference": "libwinpr-2:2.4.1-6.el9_2.6.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.4.1-6.el9_2.6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le"
},
"product_reference": "libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.4.1-6.el9_2.6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x"
},
"product_reference": "libwinpr-2:2.4.1-6.el9_2.6.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.4.1-6.el9_2.6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64"
},
"product_reference": "libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64"
},
"product_reference": "libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686"
},
"product_reference": "libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le"
},
"product_reference": "libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x"
},
"product_reference": "libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
},
"product_reference": "libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-22852",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-01-14T18:01:37.291284+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2429654"
}
],
"notes": [
{
"category": "description",
"text": "A heap based buffer overflow has been discovered in FreeRDP. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input (AUDIN) format lists. audin_process_formats reuses callback-\u003eformats_count across multiple MSG_SNDIN_FORMATS PDUs and writes past the newly allocated formats array, causing memory corruption and a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP heap-buffer-overflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22852"
},
{
"category": "external",
"summary": "RHBZ#2429654",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429654"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22852",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22852"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22852",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22852"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
"url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9chc-g79v-4qq4",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9chc-g79v-4qq4"
}
],
"release_date": "2026-01-14T17:45:22.253000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T07:54:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9641"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP heap-buffer-overflow"
},
{
"cve": "CVE-2026-22854",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2026-01-14T18:01:27.671391+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2429652"
}
],
"notes": [
{
"category": "description",
"text": "A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP heap-buffer-overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat products in their default configuration employ Address Space Layout Randomization (ASLR) which drastically increases the complexity of the successful exploitation of this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22854"
},
{
"category": "external",
"summary": "RHBZ#2429652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429652"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22854",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22854"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22854",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22854"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
"url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-47vj-g3c3-3rmf",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-47vj-g3c3-3rmf"
}
],
"release_date": "2026-01-14T17:47:49.588000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T07:54:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9641"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP heap-buffer-overflow"
},
{
"cve": "CVE-2026-22856",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2026-01-14T18:01:14.358085+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2429650"
}
],
"notes": [
{
"category": "description",
"text": "A heap use after free flaw has been discovered in FreeRDP. A race in the serial channel IRP thread tracking allows a heap use\u2011after\u2011free when one thread removes an entry from serial-\u003eIrpThreads while another reads it.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP heap-use-after-free",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22856"
},
{
"category": "external",
"summary": "RHBZ#2429650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429650"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22856",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22856"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22856",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22856"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
"url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-w842-c386-fxhv",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-w842-c386-fxhv"
}
],
"release_date": "2026-01-14T17:53:04.756000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T07:54:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9641"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP heap-use-after-free"
},
{
"cve": "CVE-2026-23732",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2026-01-19T18:01:18.943425+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430881"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FreeRDP. A malicious server can exploit a vulnerability in FastGlyph parsing, which improperly trusts data length without sufficient validation. This can lead to a client-side global buffer overflow, resulting in a denial of service (DoS) due to a crash. For this vulnerability to be exploited, a client must connect to a maliciously-configured server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For this vulnerability to be exploited, a client must connect to a maliciously-configured server. Red Hat recommends that FreeRDP clients are only used to connect to trusted servers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23732"
},
{
"category": "external",
"summary": "RHBZ#2430881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430881"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23732",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23732"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23732",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23732"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/cache/glyph.c#L463-L480",
"url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/cache/glyph.c#L463-L480"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/codec/color.c#L261-L277",
"url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/codec/color.c#L261-L277"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/graphics.c#L138",
"url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/graphics.c#L138"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/orders.c#L2186C17-L2199",
"url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/orders.c#L2186C17-L2199"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0",
"url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7qxp-j2fj-c3pp",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7qxp-j2fj-c3pp"
}
],
"release_date": "2026-01-19T17:12:57.772000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T07:54:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9641"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow"
},
{
"cve": "CVE-2026-23948",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-02-09T20:01:35.778373+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438207"
}
],
"notes": [
{
"category": "description",
"text": "A null pointer dereference has been discovered in FreeRDP. A NULL pointer dereference vulnerability in rdp_write_logon_info_v2() allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23948"
},
{
"category": "external",
"summary": "RHBZ#2438207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23948",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23948"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23948",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23948"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/4d44e3c097656a8b9ec696353647b0888ca45860",
"url": "https://github.com/FreeRDP/FreeRDP/commit/4d44e3c097656a8b9ec696353647b0888ca45860"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6f3c-qvqq-2px5",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6f3c-qvqq-2px5"
}
],
"release_date": "2026-02-09T18:12:00.737000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T07:54:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9641"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()"
},
{
"cve": "CVE-2026-24491",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:01:21.676057+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438202"
}
],
"notes": [
{
"category": "description",
"text": "A use after free flaw has been discovered in FreeRDP. The video_timer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. A malicious server can trigger a client\u2011side heap use after free causing a crash (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a heap-use-after-free in video_timer",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24491"
},
{
"category": "external",
"summary": "RHBZ#2438202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438202"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24491",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24491"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24491",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24491"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/e02e052f6692550e539d10f99de9c35a23492db2",
"url": "https://github.com/FreeRDP/FreeRDP/commit/e02e052f6692550e539d10f99de9c35a23492db2"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4x6j-w49r-869g",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4x6j-w49r-869g"
}
],
"release_date": "2026-02-09T18:13:44.302000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T07:54:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9641"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a heap-use-after-free in video_timer"
},
{
"cve": "CVE-2026-24675",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:02:21.865304+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438221"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer use after free has been discovered in FreeRDP. urb_select_interface can free the device\u0027s MS config on error but later code still dereferences it, leading to a use after free in libusb_udev_select_interface.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24675"
},
{
"category": "external",
"summary": "RHBZ#2438221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438221"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24675"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24675",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24675"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/d676518809c319eec15911c705c13536036af2ae",
"url": "https://github.com/FreeRDP/FreeRDP/commit/d676518809c319eec15911c705c13536036af2ae"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x9jr-99h2-g7mj",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x9jr-99h2-g7mj"
}
],
"release_date": "2026-02-09T18:14:40.667000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T07:54:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9641"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface"
},
{
"cve": "CVE-2026-24676",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:01:18.996877+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438201"
}
],
"notes": [
{
"category": "description",
"text": "A use after free flaw was found in FreeRDP. AUDIN format renegotiation frees the active format list while the capture thread continues using audin-\u003eformat, leading to a use after free in audio_format_compatible. A malicious server can trigger a client\u2011side heap use after free causing a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24676"
},
{
"category": "external",
"summary": "RHBZ#2438201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438201"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24676",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24676"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/026b81ae5831ac1598d8f7371e0d0996fac7db00",
"url": "https://github.com/FreeRDP/FreeRDP/commit/026b81ae5831ac1598d8f7371e0d0996fac7db00"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qh5p-frq4-pgxj",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qh5p-frq4-pgxj"
}
],
"release_date": "2026-02-09T18:15:33.646000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T07:54:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9641"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation"
},
{
"cve": "CVE-2026-24679",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"discovery_date": "2026-02-09T20:02:08.618280+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438217"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer overflow has been discovered in FreeRDP. The URBDRC client uses server-supplied interface numbers as array indices without bounds checks, causing an out-of-bounds read in libusb_udev_select_interface.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24679"
},
{
"category": "external",
"summary": "RHBZ#2438217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438217"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24679"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/2d563a50be17c1b407ca448b1321378c0726dd31",
"url": "https://github.com/FreeRDP/FreeRDP/commit/2d563a50be17c1b407ca448b1321378c0726dd31"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-2jp4-67x6-gv7x",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-2jp4-67x6-gv7x"
}
],
"release_date": "2026-02-09T18:19:00.409000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T07:54:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9641"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface"
},
{
"cve": "CVE-2026-24681",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:01:45.088999+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438210"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer use after free has been discovered in FreeRDP. Asynchronous bulk transfer completions can use a freed channel callback after URBDRC channel close, leading to a use after free in urb_write_completion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24681"
},
{
"category": "external",
"summary": "RHBZ#2438210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438210"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24681",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24681"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24681",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24681"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/414f701464929c217f2509bcbd6d2c1f00f7ed73",
"url": "https://github.com/FreeRDP/FreeRDP/commit/414f701464929c217f2509bcbd6d2c1f00f7ed73"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-ccvv-hg2w-6x9j",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-ccvv-hg2w-6x9j"
}
],
"release_date": "2026-02-09T18:20:39.732000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T07:54:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9641"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb"
},
{
"cve": "CVE-2026-24684",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-02-09T20:01:39.156545+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438208"
}
],
"notes": [
{
"category": "description",
"text": "A heap use after free has been discovered in FreeRDP. The RDPSND async playback thread can process queued PDUs after the channel is closed and internal state is freed, leading to a use after free in rdpsnd_treat_wave.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a Heap-use-after-free in play_thread",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24684"
},
{
"category": "external",
"summary": "RHBZ#2438208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438208"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24684",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24684"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24684",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24684"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/622bb7b4402491ca003f47472d0e478132673696",
"url": "https://github.com/FreeRDP/FreeRDP/commit/622bb7b4402491ca003f47472d0e478132673696"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/afa6851dc80835d3101e40fcef51b6c5c0f43ea5",
"url": "https://github.com/FreeRDP/FreeRDP/commit/afa6851dc80835d3101e40fcef51b6c5c0f43ea5"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vcgv-xgjp-h83q",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vcgv-xgjp-h83q"
}
],
"release_date": "2026-02-09T18:23:02.882000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T07:54:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9641"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a Heap-use-after-free in play_thread"
},
{
"cve": "CVE-2026-31806",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-03-13T18:02:52.800795+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447376"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol (RDP). The `gdi_surface_bits()` function, which processes `SURFACE_BITS_COMMAND` messages, does not properly validate image dimensions (`bmp.width` and `bmp.height`) provided by a malicious RDP server. This can lead to a heap buffer overflow during bitmap decoding and memory operations. A remote attacker could exploit this to overwrite adjacent memory, potentially resulting in arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For this vulnerability to be exploited, a susceptible system must connect to a malicious server. For that reason, Red Hat recommends that you only use FreeRDP to connect to trusted servers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-31806"
},
{
"category": "external",
"summary": "RHBZ#2447376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-31806",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31806"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-31806",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31806"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/83d9aedea278a74af3e490ff5eeb889c016dbb2b",
"url": "https://github.com/FreeRDP/FreeRDP/commit/83d9aedea278a74af3e490ff5eeb889c016dbb2b"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrqm-46rj-cmx2",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrqm-46rj-cmx2"
}
],
"release_date": "2026-03-13T17:40:19.920000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T07:54:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9641"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.src",
"AppStream-9.2.0.Z.E4S:freerdp-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-debugsource-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:freerdp-libs-debuginfo-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-2:2.4.1-6.el9_2.6.x86_64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.aarch64",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.i686",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.ppc64le",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.s390x",
"AppStream-9.2.0.Z.E4S:libwinpr-debuginfo-2:2.4.1-6.el9_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages"
}
]
}
WID-SEC-W-2026-0244
Vulnerability from csaf_certbund - Published: 2026-01-27 23:00 - Updated: 2026-04-09 22:00Summary
FreeRDP: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: FreeRDP ist eine freie Implementierung des Remote Desktop Protocol (RDP).
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in FreeRDP ausnutzen, um einen Denial of Service zu verursachen oder potentiell beliebigen Programmcode auszuführen.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- UNIX
- Windows
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source FreeRDP <3.22.0
Open Source / FreeRDP
|
<3.22.0 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source FreeRDP <3.22.0
Open Source / FreeRDP
|
<3.22.0 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source FreeRDP <3.22.0
Open Source / FreeRDP
|
<3.22.0 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source FreeRDP <3.22.0
Open Source / FreeRDP
|
<3.22.0 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source FreeRDP <3.22.0
Open Source / FreeRDP
|
<3.22.0 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source FreeRDP <3.22.0
Open Source / FreeRDP
|
<3.22.0 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source FreeRDP <3.22.0
Open Source / FreeRDP
|
<3.22.0 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source FreeRDP <3.22.0
Open Source / FreeRDP
|
<3.22.0 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source FreeRDP <3.22.0
Open Source / FreeRDP
|
<3.22.0 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source FreeRDP <3.22.0
Open Source / FreeRDP
|
<3.22.0 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source FreeRDP <3.22.0
Open Source / FreeRDP
|
<3.22.0 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
Affected products
Known affected
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source FreeRDP <3.22.0
Open Source / FreeRDP
|
<3.22.0 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
References
35 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "FreeRDP ist eine freie Implementierung des Remote Desktop Protocol (RDP).",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in FreeRDP ausnutzen, um einen Denial of Service zu verursachen oder potentiell beliebigen Programmcode auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0244 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0244.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0244 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0244"
},
{
"category": "external",
"summary": "FreeRDP Release Notes vom 2026-01-27",
"url": "https://www.freerdp.com/2026/01/28/3_22_0-release"
},
{
"category": "external",
"summary": "FreeRDP GitHub vom 2026-01-27",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10132-1 vom 2026-02-04",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3PECP75D65BGMOXX4VA6VFZW5A365UOB/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8042-1 vom 2026-02-16",
"url": "https://ubuntu.com/security/notices/USN-8042-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:3068 vom 2026-02-23",
"url": "https://access.redhat.com/errata/RHSA-2026:3068"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-3068 vom 2026-02-24",
"url": "http://linux.oracle.com/errata/ELSA-2026-3068.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:3068 vom 2026-02-24",
"url": "https://errata.build.resf.org/RLSA-2026:3068"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0621-1 vom 2026-02-25",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024384.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10243-1 vom 2026-02-25",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/PL2BIOE7TIZFAOWEAJZKSMOGJSNJNS55/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0649-1 vom 2026-02-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024398.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0683-1 vom 2026-02-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024493.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0762-1 vom 2026-03-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024554.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0763-1 vom 2026-03-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024553.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2026-3181 vom 2026-03-06",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2026-3181.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:4121 vom 2026-03-09",
"url": "https://access.redhat.com/errata/RHSA-2026:4121"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:20339-1 vom 2026-03-11",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BXWDT2NJCKXIEJIDNY6MWR5WIFECK6OH/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0902-1 vom 2026-03-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024703.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0933-1 vom 2026-03-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024773.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0968-1 vom 2026-03-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024813.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0969-1 vom 2026-03-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024812.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:6340 vom 2026-04-01",
"url": "https://access.redhat.com/errata/RHSA-2026:6340"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-6340 vom 2026-04-01",
"url": "http://linux.oracle.com/errata/ELSA-2026-6340.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:6727 vom 2026-04-07",
"url": "https://access.redhat.com/errata/RHSA-2026:6727"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:6743 vom 2026-04-07",
"url": "https://access.redhat.com/errata/RHSA-2026:6743"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:6799 vom 2026-04-07",
"url": "https://access.redhat.com/errata/RHSA-2026:6799"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:6918 vom 2026-04-08",
"url": "https://access.redhat.com/errata/RHSA-2026:6918"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-6918 vom 2026-04-08",
"url": "https://linux.oracle.com/errata/ELSA-2026-6918.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:6958 vom 2026-04-08",
"url": "https://access.redhat.com/errata/RHSA-2026:6958"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:6340 vom 2026-04-07",
"url": "https://errata.build.resf.org/RLSA-2026:6340"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-6799 vom 2026-04-08",
"url": "https://linux.oracle.com/errata/ELSA-2026-6799.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:6918 vom 2026-04-09",
"url": "https://errata.build.resf.org/RLSA-2026:6918"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1217-1 vom 2026-04-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025164.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:6799 vom 2026-04-09",
"url": "https://errata.build.resf.org/RLSA-2026:6799"
}
],
"source_lang": "en-US",
"title": "FreeRDP: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-04-09T22:00:00.000+00:00",
"generator": {
"date": "2026-04-10T07:16:05.899+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-0244",
"initial_release_date": "2026-01-27T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-01-27T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-02-04T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2026-02-15T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-02-22T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-02-23T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-02-24T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2026-02-25T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2026-03-01T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-03-03T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-03-05T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2026-03-09T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-03-11T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2026-03-17T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-03-19T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-03-23T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-03-31T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-04-01T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-04-06T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-04-07T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Red Hat, Oracle Linux und Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2026-04-08T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Rocky Enterprise Software Foundation und SUSE aufgenommen"
},
{
"date": "2026-04-09T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
}
],
"status": "final",
"version": "21"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c3.22.0",
"product": {
"name": "Open Source FreeRDP \u003c3.22.0",
"product_id": "T050374"
}
},
{
"category": "product_version",
"name": "3.22.0",
"product": {
"name": "Open Source FreeRDP 3.22.0",
"product_id": "T050374-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:freerdp:freerdp:3.22.0"
}
}
}
],
"category": "product_name",
"name": "FreeRDP"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-23948",
"product_status": {
"known_affected": [
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T004914",
"T050374",
"T032255"
]
},
"release_date": "2026-01-27T23:00:00.000+00:00",
"title": "CVE-2026-23948"
},
{
"cve": "CVE-2026-24491",
"product_status": {
"known_affected": [
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T004914",
"T050374",
"T032255"
]
},
"release_date": "2026-01-27T23:00:00.000+00:00",
"title": "CVE-2026-24491"
},
{
"cve": "CVE-2026-24675",
"product_status": {
"known_affected": [
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T004914",
"T050374",
"T032255"
]
},
"release_date": "2026-01-27T23:00:00.000+00:00",
"title": "CVE-2026-24675"
},
{
"cve": "CVE-2026-24676",
"product_status": {
"known_affected": [
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T004914",
"T050374",
"T032255"
]
},
"release_date": "2026-01-27T23:00:00.000+00:00",
"title": "CVE-2026-24676"
},
{
"cve": "CVE-2026-24677",
"product_status": {
"known_affected": [
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T004914",
"T050374",
"T032255"
]
},
"release_date": "2026-01-27T23:00:00.000+00:00",
"title": "CVE-2026-24677"
},
{
"cve": "CVE-2026-24678",
"product_status": {
"known_affected": [
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T004914",
"T050374",
"T032255"
]
},
"release_date": "2026-01-27T23:00:00.000+00:00",
"title": "CVE-2026-24678"
},
{
"cve": "CVE-2026-24679",
"product_status": {
"known_affected": [
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T004914",
"T050374",
"T032255"
]
},
"release_date": "2026-01-27T23:00:00.000+00:00",
"title": "CVE-2026-24679"
},
{
"cve": "CVE-2026-24680",
"product_status": {
"known_affected": [
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T004914",
"T050374",
"T032255"
]
},
"release_date": "2026-01-27T23:00:00.000+00:00",
"title": "CVE-2026-24680"
},
{
"cve": "CVE-2026-24681",
"product_status": {
"known_affected": [
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T004914",
"T050374",
"T032255"
]
},
"release_date": "2026-01-27T23:00:00.000+00:00",
"title": "CVE-2026-24681"
},
{
"cve": "CVE-2026-24682",
"product_status": {
"known_affected": [
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T004914",
"T050374",
"T032255"
]
},
"release_date": "2026-01-27T23:00:00.000+00:00",
"title": "CVE-2026-24682"
},
{
"cve": "CVE-2026-24683",
"product_status": {
"known_affected": [
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T004914",
"T050374",
"T032255"
]
},
"release_date": "2026-01-27T23:00:00.000+00:00",
"title": "CVE-2026-24683"
},
{
"cve": "CVE-2026-24684",
"product_status": {
"known_affected": [
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T004914",
"T050374",
"T032255"
]
},
"release_date": "2026-01-27T23:00:00.000+00:00",
"title": "CVE-2026-24684"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…