Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-31806 (GCVE-0-2026-31806)
Vulnerability from cvelistv5 – Published: 2026-03-13 17:40 – Updated: 2026-03-15 01:51
VLAI?
EPSS
Title
FreeRDP has a Heap Buffer Overflow in nsc_process_message() via Unchecked SURFACE_BITS_COMMAND Bitmap Dimensions
Summary
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdi_surface_bits() function processes SURFACE_BITS_COMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly validated against the actual desktop dimensions. A malicious RDP server can supply crafted bmp.width and bmp.height values that exceed the expected surface size. Because these values are used during bitmap decoding and memory operations without proper bounds checking, this can lead to a heap buffer overflow. Since the attacker can also control the associated pixel data transmitted by the server, the overflow may be exploitable to overwrite adjacent heap memory. This vulnerability is fixed in 3.24.0.
Severity ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-31806",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-14T03:55:34.087938Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-15T01:51:18.600Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "FreeRDP",
"vendor": "FreeRDP",
"versions": [
{
"status": "affected",
"version": "\u003c 3.24.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdi_surface_bits() function processes SURFACE_BITS_COMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly validated against the actual desktop dimensions. A malicious RDP server can supply crafted bmp.width and bmp.height values that exceed the expected surface size. Because these values are used during bitmap decoding and memory operations without proper bounds checking, this can lead to a heap buffer overflow. Since the attacker can also control the associated pixel data transmitted by the server, the overflow may be exploitable to overwrite adjacent heap memory. This vulnerability is fixed in 3.24.0."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-13T17:40:19.920Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrqm-46rj-cmx2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrqm-46rj-cmx2"
},
{
"name": "https://github.com/FreeRDP/FreeRDP/commit/83d9aedea278a74af3e490ff5eeb889c016dbb2b",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/FreeRDP/FreeRDP/commit/83d9aedea278a74af3e490ff5eeb889c016dbb2b"
}
],
"source": {
"advisory": "GHSA-rrqm-46rj-cmx2",
"discovery": "UNKNOWN"
},
"title": "FreeRDP has a Heap Buffer Overflow in nsc_process_message() via Unchecked SURFACE_BITS_COMMAND Bitmap Dimensions"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-31806",
"datePublished": "2026-03-13T17:40:19.920Z",
"dateReserved": "2026-03-09T16:33:42.913Z",
"dateUpdated": "2026-03-15T01:51:18.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2026-31806\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-03-13T19:54:36.300\",\"lastModified\":\"2026-03-17T14:27:20.100\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdi_surface_bits() function processes SURFACE_BITS_COMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly validated against the actual desktop dimensions. A malicious RDP server can supply crafted bmp.width and bmp.height values that exceed the expected surface size. Because these values are used during bitmap decoding and memory operations without proper bounds checking, this can lead to a heap buffer overflow. Since the attacker can also control the associated pixel data transmitted by the server, the overflow may be exploitable to overwrite adjacent heap memory. This vulnerability is fixed in 3.24.0.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":9.3,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-122\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.24.0\",\"matchCriteriaId\":\"97FCA262-35C3-4B6B-A321-15CE780FCA20\"}]}]}],\"references\":[{\"url\":\"https://github.com/FreeRDP/FreeRDP/commit/83d9aedea278a74af3e490ff5eeb889c016dbb2b\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrqm-46rj-cmx2\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Patch\",\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-31806\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-14T03:55:34.087938Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-15T01:50:40.332Z\"}}], \"cna\": {\"title\": \"FreeRDP has a Heap Buffer Overflow in nsc_process_message() via Unchecked SURFACE_BITS_COMMAND Bitmap Dimensions\", \"source\": {\"advisory\": \"GHSA-rrqm-46rj-cmx2\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 9.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"FreeRDP\", \"product\": \"FreeRDP\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 3.24.0\"}]}], \"references\": [{\"url\": \"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrqm-46rj-cmx2\", \"name\": \"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrqm-46rj-cmx2\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/FreeRDP/FreeRDP/commit/83d9aedea278a74af3e490ff5eeb889c016dbb2b\", \"name\": \"https://github.com/FreeRDP/FreeRDP/commit/83d9aedea278a74af3e490ff5eeb889c016dbb2b\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdi_surface_bits() function processes SURFACE_BITS_COMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly validated against the actual desktop dimensions. A malicious RDP server can supply crafted bmp.width and bmp.height values that exceed the expected surface size. Because these values are used during bitmap decoding and memory operations without proper bounds checking, this can lead to a heap buffer overflow. Since the attacker can also control the associated pixel data transmitted by the server, the overflow may be exploitable to overwrite adjacent heap memory. This vulnerability is fixed in 3.24.0.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-122\", \"description\": \"CWE-122: Heap-based Buffer Overflow\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-03-13T17:40:19.920Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-31806\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-15T01:51:18.600Z\", \"dateReserved\": \"2026-03-09T16:33:42.913Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-03-13T17:40:19.920Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
alsa-2026:6340
Vulnerability from osv_almalinux
Published
2026-04-01 00:00
Modified
2026-04-02 09:09
Summary
Important: freerdp security update
Details
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.
Security Fix(es):
- freerdp: FreeRDP heap-use-after-free (CVE-2026-22856)
- freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22854)
- freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22852)
- freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow (CVE-2026-23732)
- freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation (CVE-2026-24676)
- freerdp: FreeRDP has a heap-use-after-free in video_timer (CVE-2026-24491)
- freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2() (CVE-2026-23948)
- freerdp: FreeRDP has a Heap-use-after-free in play_thread (CVE-2026-24684)
- freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb (CVE-2026-24681)
- freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event (CVE-2026-24683)
- freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface (CVE-2026-24679)
- freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface (CVE-2026-24675)
- freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages (CVE-2026-31806)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "freerdp"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:2.11.7-1.el9_7.5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "freerdp-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:2.11.7-1.el9_7.5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "freerdp-libs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:2.11.7-1.el9_7.5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "libwinpr"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:2.11.7-1.el9_7.5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "libwinpr-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2:2.11.7-1.el9_7.5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. \n\nSecurity Fix(es): \n\n * freerdp: FreeRDP heap-use-after-free (CVE-2026-22856)\n * freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22854)\n * freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22852)\n * freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow (CVE-2026-23732)\n * freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation (CVE-2026-24676)\n * freerdp: FreeRDP has a heap-use-after-free in video_timer (CVE-2026-24491)\n * freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2() (CVE-2026-23948)\n * freerdp: FreeRDP has a Heap-use-after-free in play_thread (CVE-2026-24684)\n * freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb (CVE-2026-24681)\n * freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event (CVE-2026-24683)\n * freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface (CVE-2026-24679)\n * freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface (CVE-2026-24675)\n * freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages (CVE-2026-31806)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n",
"id": "ALSA-2026:6340",
"modified": "2026-04-02T09:09:13Z",
"published": "2026-04-01T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2026:6340"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-22852"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-22854"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-22856"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-23732"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-23948"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-24491"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-24675"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-24676"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-24679"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-24681"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-24683"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-24684"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2026-31806"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2429650"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2429652"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2429654"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2430881"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2438201"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2438202"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2438207"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2438208"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2438210"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2438216"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2438217"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2438221"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2447376"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/9/ALSA-2026-6340.html"
}
],
"related": [
"CVE-2026-22856",
"CVE-2026-22854",
"CVE-2026-22852",
"CVE-2026-23732",
"CVE-2026-24676",
"CVE-2026-24491",
"CVE-2026-23948",
"CVE-2026-24684",
"CVE-2026-24681",
"CVE-2026-24683",
"CVE-2026-24679",
"CVE-2026-24675",
"CVE-2026-31806"
],
"summary": "Important: freerdp security update"
}
RHSA-2026:6799
Vulnerability from csaf_redhat - Published: 2026-04-07 12:25 - Updated: 2026-04-08 13:34Summary
Red Hat Security Advisory: freerdp security update
Severity
Important
Notes
Topic: An update for freerdp is now available for Red Hat Enterprise Linux 10.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.
Security Fix(es):
* freerdp: FreeRDP heap-use-after-free (CVE-2026-22856)
* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22854)
* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22852)
* freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow (CVE-2026-23732)
* freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation (CVE-2026-24676)
* freerdp: FreeRDP has a heap-use-after-free in video_timer (CVE-2026-24491)
* freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2() (CVE-2026-23948)
* freerdp: FreeRDP has a Heap-use-after-free in play_thread (CVE-2026-24684)
* freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb (CVE-2026-24681)
* freerdp: FreeRDP has a Heap-buffer-overflow in audio_formats_free (CVE-2026-24682)
* freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event (CVE-2026-24683)
* freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface (CVE-2026-24679)
* freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface (CVE-2026-24675)
* freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages (CVE-2026-31806)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A heap based buffer overflow has been discovered in FreeRDP. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input (AUDIN) format lists. audin_process_formats reuses callback->formats_count across multiple MSG_SNDIN_FORMATS PDUs and writes past the newly allocated formats array, causing memory corruption and a crash.
5.6 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6799
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory.
8.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6799
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap use after free flaw has been discovered in FreeRDP. A race in the serial channel IRP thread tracking allows a heap use‑after‑free when one thread removes an entry from serial->IrpThreads while another reads it.
8.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6799
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in FreeRDP. A malicious server can exploit a vulnerability in FastGlyph parsing, which improperly trusts data length without sufficient validation. This can lead to a client-side global buffer overflow, resulting in a denial of service (DoS) due to a crash. For this vulnerability to be exploited, a client must connect to a maliciously-configured server.
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6799
A null pointer dereference has been discovered in FreeRDP. A NULL pointer dereference vulnerability in rdp_write_logon_info_v2() allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6799
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A use after free flaw has been discovered in FreeRDP. The video_timer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. A malicious server can trigger a client‑side heap use after free causing a crash (DoS).
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6799
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap buffer use after free has been discovered in FreeRDP. urb_select_interface can free the device's MS config on error but later code still dereferences it, leading to a use after free in libusb_udev_select_interface.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6799
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A use after free flaw was found in FreeRDP. AUDIN format renegotiation frees the active format list while the capture thread continues using audin->format, leading to a use after free in audio_format_compatible. A malicious server can trigger a client‑side heap use after free causing a crash.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6799
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap buffer overflow has been discovered in FreeRDP. The URBDRC client uses server-supplied interface numbers as array indices without bounds checks, causing an out-of-bounds read in libusb_udev_select_interface.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6799
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap buffer use after free has been discovered in FreeRDP. Asynchronous bulk transfer completions can use a freed channel callback after URBDRC channel close, leading to a use after free in urb_write_completion.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6799
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap buffer overflow has been discovered in FreeRDP. audin_server_recv_formats frees an incorrect number of audio formats on parse failure (i + i), leading to out-of-bounds access in audio_formats_free.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6799
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap buffer use after free has been discovered in FreeRDP. ainput_send_input_event caches channel_callback in a local variable and later uses it without synchronization; a concurrent channel close can free or reinitialize the callback, leading to a use after free.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6799
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap use after free has been discovered in FreeRDP. The RDPSND async playback thread can process queued PDUs after the channel is closed and internal state is freed, leading to a use after free in rdpsnd_treat_wave.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6799
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol (RDP). The `gdi_surface_bits()` function, which processes `SURFACE_BITS_COMMAND` messages, does not properly validate image dimensions (`bmp.width` and `bmp.height`) provided by a malicious RDP server. This can lead to a heap buffer overflow during bitmap decoding and memory operations. A remote attacker could exploit this to overwrite adjacent memory, potentially resulting in arbitrary code execution.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6799
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for freerdp is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.\n\nSecurity Fix(es):\n\n* freerdp: FreeRDP heap-use-after-free (CVE-2026-22856)\n\n* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22854)\n\n* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22852)\n\n* freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow (CVE-2026-23732)\n\n* freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation (CVE-2026-24676)\n\n* freerdp: FreeRDP has a heap-use-after-free in video_timer (CVE-2026-24491)\n\n* freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2() (CVE-2026-23948)\n\n* freerdp: FreeRDP has a Heap-use-after-free in play_thread (CVE-2026-24684)\n\n* freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb (CVE-2026-24681)\n\n* freerdp: FreeRDP has a Heap-buffer-overflow in audio_formats_free (CVE-2026-24682)\n\n* freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event (CVE-2026-24683)\n\n* freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface (CVE-2026-24679)\n\n* freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface (CVE-2026-24675)\n\n* freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages (CVE-2026-31806)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:6799",
"url": "https://access.redhat.com/errata/RHSA-2026:6799"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2429650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429650"
},
{
"category": "external",
"summary": "2429652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429652"
},
{
"category": "external",
"summary": "2429654",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429654"
},
{
"category": "external",
"summary": "2430881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430881"
},
{
"category": "external",
"summary": "2438201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438201"
},
{
"category": "external",
"summary": "2438202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438202"
},
{
"category": "external",
"summary": "2438207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438207"
},
{
"category": "external",
"summary": "2438208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438208"
},
{
"category": "external",
"summary": "2438210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438210"
},
{
"category": "external",
"summary": "2438212",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438212"
},
{
"category": "external",
"summary": "2438216",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438216"
},
{
"category": "external",
"summary": "2438217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438217"
},
{
"category": "external",
"summary": "2438221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438221"
},
{
"category": "external",
"summary": "2447376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447376"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_6799.json"
}
],
"title": "Red Hat Security Advisory: freerdp security update",
"tracking": {
"current_release_date": "2026-04-08T13:34:41+00:00",
"generator": {
"date": "2026-04-08T13:34:41+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2026:6799",
"initial_release_date": "2026-04-07T12:25:28+00:00",
"revision_history": [
{
"date": "2026-04-07T12:25:28+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-07T12:25:28+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-08T13:34:41+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.1"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:3.10.3-5.el10_1.5.src",
"product": {
"name": "freerdp-2:3.10.3-5.el10_1.5.src",
"product_id": "freerdp-2:3.10.3-5.el10_1.5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@3.10.3-5.el10_1.5?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:3.10.3-5.el10_1.5.aarch64",
"product": {
"name": "freerdp-2:3.10.3-5.el10_1.5.aarch64",
"product_id": "freerdp-2:3.10.3-5.el10_1.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@3.10.3-5.el10_1.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"product": {
"name": "freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"product_id": "freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@3.10.3-5.el10_1.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"product": {
"name": "libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"product_id": "libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@3.10.3-5.el10_1.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"product": {
"name": "freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"product_id": "freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@3.10.3-5.el10_1.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"product": {
"name": "freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"product_id": "freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@3.10.3-5.el10_1.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"product": {
"name": "freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"product_id": "freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@3.10.3-5.el10_1.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"product": {
"name": "freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"product_id": "freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-server-debuginfo@3.10.3-5.el10_1.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"product": {
"name": "libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"product_id": "libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@3.10.3-5.el10_1.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"product": {
"name": "freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"product_id": "freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@3.10.3-5.el10_1.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"product": {
"name": "freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"product_id": "freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-server@3.10.3-5.el10_1.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"product": {
"name": "libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"product_id": "libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@3.10.3-5.el10_1.5?arch=aarch64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"product": {
"name": "freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"product_id": "freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@3.10.3-5.el10_1.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"product": {
"name": "freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"product_id": "freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@3.10.3-5.el10_1.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"product": {
"name": "libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"product_id": "libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@3.10.3-5.el10_1.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"product": {
"name": "freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"product_id": "freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@3.10.3-5.el10_1.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"product": {
"name": "freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"product_id": "freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@3.10.3-5.el10_1.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"product": {
"name": "freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"product_id": "freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@3.10.3-5.el10_1.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"product": {
"name": "freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"product_id": "freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-server-debuginfo@3.10.3-5.el10_1.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"product": {
"name": "libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"product_id": "libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@3.10.3-5.el10_1.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"product": {
"name": "freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"product_id": "freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@3.10.3-5.el10_1.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"product": {
"name": "freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"product_id": "freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-server@3.10.3-5.el10_1.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"product": {
"name": "libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"product_id": "libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@3.10.3-5.el10_1.5?arch=ppc64le\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:3.10.3-5.el10_1.5.x86_64",
"product": {
"name": "freerdp-2:3.10.3-5.el10_1.5.x86_64",
"product_id": "freerdp-2:3.10.3-5.el10_1.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@3.10.3-5.el10_1.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"product": {
"name": "freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"product_id": "freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@3.10.3-5.el10_1.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"product": {
"name": "libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"product_id": "libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@3.10.3-5.el10_1.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"product": {
"name": "freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"product_id": "freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@3.10.3-5.el10_1.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"product": {
"name": "freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"product_id": "freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@3.10.3-5.el10_1.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"product": {
"name": "freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"product_id": "freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@3.10.3-5.el10_1.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"product": {
"name": "freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"product_id": "freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-server-debuginfo@3.10.3-5.el10_1.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"product": {
"name": "libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"product_id": "libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@3.10.3-5.el10_1.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"product": {
"name": "freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"product_id": "freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@3.10.3-5.el10_1.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"product": {
"name": "freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"product_id": "freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-server@3.10.3-5.el10_1.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"product": {
"name": "libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"product_id": "libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@3.10.3-5.el10_1.5?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:3.10.3-5.el10_1.5.s390x",
"product": {
"name": "freerdp-2:3.10.3-5.el10_1.5.s390x",
"product_id": "freerdp-2:3.10.3-5.el10_1.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@3.10.3-5.el10_1.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"product": {
"name": "freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"product_id": "freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@3.10.3-5.el10_1.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:3.10.3-5.el10_1.5.s390x",
"product": {
"name": "libwinpr-2:3.10.3-5.el10_1.5.s390x",
"product_id": "libwinpr-2:3.10.3-5.el10_1.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@3.10.3-5.el10_1.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"product": {
"name": "freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"product_id": "freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@3.10.3-5.el10_1.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"product": {
"name": "freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"product_id": "freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@3.10.3-5.el10_1.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"product": {
"name": "freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"product_id": "freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@3.10.3-5.el10_1.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"product": {
"name": "freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"product_id": "freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-server-debuginfo@3.10.3-5.el10_1.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"product": {
"name": "libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"product_id": "libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@3.10.3-5.el10_1.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"product": {
"name": "freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"product_id": "freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@3.10.3-5.el10_1.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"product": {
"name": "freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"product_id": "freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-server@3.10.3-5.el10_1.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"product": {
"name": "libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"product_id": "libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@3.10.3-5.el10_1.5?arch=s390x\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:3.10.3-5.el10_1.5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64"
},
"product_reference": "freerdp-2:3.10.3-5.el10_1.5.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:3.10.3-5.el10_1.5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le"
},
"product_reference": "freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:3.10.3-5.el10_1.5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x"
},
"product_reference": "freerdp-2:3.10.3-5.el10_1.5.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:3.10.3-5.el10_1.5.src as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src"
},
"product_reference": "freerdp-2:3.10.3-5.el10_1.5.src",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:3.10.3-5.el10_1.5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64"
},
"product_reference": "freerdp-2:3.10.3-5.el10_1.5.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64"
},
"product_reference": "freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le"
},
"product_reference": "freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x"
},
"product_reference": "freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64"
},
"product_reference": "freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64"
},
"product_reference": "freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le"
},
"product_reference": "freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x"
},
"product_reference": "freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64"
},
"product_reference": "freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:3.10.3-5.el10_1.5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64"
},
"product_reference": "freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le"
},
"product_reference": "freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:3.10.3-5.el10_1.5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x"
},
"product_reference": "freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:3.10.3-5.el10_1.5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64"
},
"product_reference": "freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:3.10.3-5.el10_1.5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64"
},
"product_reference": "freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le"
},
"product_reference": "freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:3.10.3-5.el10_1.5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x"
},
"product_reference": "freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:3.10.3-5.el10_1.5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64"
},
"product_reference": "freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64"
},
"product_reference": "freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le"
},
"product_reference": "freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x"
},
"product_reference": "freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64"
},
"product_reference": "freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-2:3.10.3-5.el10_1.5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64"
},
"product_reference": "freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-2:3.10.3-5.el10_1.5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le"
},
"product_reference": "freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-2:3.10.3-5.el10_1.5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x"
},
"product_reference": "freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-2:3.10.3-5.el10_1.5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64"
},
"product_reference": "freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64"
},
"product_reference": "freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le"
},
"product_reference": "freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x"
},
"product_reference": "freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64"
},
"product_reference": "freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:3.10.3-5.el10_1.5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64"
},
"product_reference": "libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:3.10.3-5.el10_1.5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le"
},
"product_reference": "libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:3.10.3-5.el10_1.5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x"
},
"product_reference": "libwinpr-2:3.10.3-5.el10_1.5.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:3.10.3-5.el10_1.5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64"
},
"product_reference": "libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64"
},
"product_reference": "libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le"
},
"product_reference": "libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x"
},
"product_reference": "libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64"
},
"product_reference": "libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64"
},
"product_reference": "libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le"
},
"product_reference": "libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:3.10.3-5.el10_1.5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x"
},
"product_reference": "libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
},
"product_reference": "libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:3.10.3-5.el10_1.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64"
},
"product_reference": "freerdp-2:3.10.3-5.el10_1.5.aarch64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:3.10.3-5.el10_1.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le"
},
"product_reference": "freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:3.10.3-5.el10_1.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x"
},
"product_reference": "freerdp-2:3.10.3-5.el10_1.5.s390x",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:3.10.3-5.el10_1.5.src as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src"
},
"product_reference": "freerdp-2:3.10.3-5.el10_1.5.src",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:3.10.3-5.el10_1.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64"
},
"product_reference": "freerdp-2:3.10.3-5.el10_1.5.x86_64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64"
},
"product_reference": "freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le"
},
"product_reference": "freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x"
},
"product_reference": "freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64"
},
"product_reference": "freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64"
},
"product_reference": "freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le"
},
"product_reference": "freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x"
},
"product_reference": "freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64"
},
"product_reference": "freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:3.10.3-5.el10_1.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64"
},
"product_reference": "freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le"
},
"product_reference": "freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:3.10.3-5.el10_1.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x"
},
"product_reference": "freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:3.10.3-5.el10_1.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64"
},
"product_reference": "freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:3.10.3-5.el10_1.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64"
},
"product_reference": "freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le"
},
"product_reference": "freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:3.10.3-5.el10_1.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x"
},
"product_reference": "freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:3.10.3-5.el10_1.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64"
},
"product_reference": "freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64"
},
"product_reference": "freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le"
},
"product_reference": "freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x"
},
"product_reference": "freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64"
},
"product_reference": "freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-2:3.10.3-5.el10_1.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64"
},
"product_reference": "freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-2:3.10.3-5.el10_1.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le"
},
"product_reference": "freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-2:3.10.3-5.el10_1.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x"
},
"product_reference": "freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-2:3.10.3-5.el10_1.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64"
},
"product_reference": "freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64"
},
"product_reference": "freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le"
},
"product_reference": "freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x"
},
"product_reference": "freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64"
},
"product_reference": "freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:3.10.3-5.el10_1.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64"
},
"product_reference": "libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:3.10.3-5.el10_1.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le"
},
"product_reference": "libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:3.10.3-5.el10_1.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x"
},
"product_reference": "libwinpr-2:3.10.3-5.el10_1.5.s390x",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:3.10.3-5.el10_1.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64"
},
"product_reference": "libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64"
},
"product_reference": "libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le"
},
"product_reference": "libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x"
},
"product_reference": "libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64"
},
"product_reference": "libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64"
},
"product_reference": "libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le"
},
"product_reference": "libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:3.10.3-5.el10_1.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x"
},
"product_reference": "libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"relates_to_product_reference": "CRB-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
},
"product_reference": "libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"relates_to_product_reference": "CRB-10.1.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-22852",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-01-14T18:01:37.291284+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2429654"
}
],
"notes": [
{
"category": "description",
"text": "A heap based buffer overflow has been discovered in FreeRDP. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input (AUDIN) format lists. audin_process_formats reuses callback-\u003eformats_count across multiple MSG_SNDIN_FORMATS PDUs and writes past the newly allocated formats array, causing memory corruption and a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP heap-buffer-overflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22852"
},
{
"category": "external",
"summary": "RHBZ#2429654",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429654"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22852",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22852"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22852",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22852"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
"url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9chc-g79v-4qq4",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9chc-g79v-4qq4"
}
],
"release_date": "2026-01-14T17:45:22.253000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T12:25:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6799"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP heap-buffer-overflow"
},
{
"cve": "CVE-2026-22854",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2026-01-14T18:01:27.671391+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2429652"
}
],
"notes": [
{
"category": "description",
"text": "A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP heap-buffer-overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat products in their default configuration employ Address Space Layout Randomization (ASLR) which drastically increases the complexity of the successful exploitation of this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22854"
},
{
"category": "external",
"summary": "RHBZ#2429652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429652"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22854",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22854"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22854",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22854"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
"url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-47vj-g3c3-3rmf",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-47vj-g3c3-3rmf"
}
],
"release_date": "2026-01-14T17:47:49.588000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T12:25:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6799"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP heap-buffer-overflow"
},
{
"cve": "CVE-2026-22856",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2026-01-14T18:01:14.358085+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2429650"
}
],
"notes": [
{
"category": "description",
"text": "A heap use after free flaw has been discovered in FreeRDP. A race in the serial channel IRP thread tracking allows a heap use\u2011after\u2011free when one thread removes an entry from serial-\u003eIrpThreads while another reads it.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP heap-use-after-free",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22856"
},
{
"category": "external",
"summary": "RHBZ#2429650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429650"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22856",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22856"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22856",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22856"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
"url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-w842-c386-fxhv",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-w842-c386-fxhv"
}
],
"release_date": "2026-01-14T17:53:04.756000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T12:25:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6799"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP heap-use-after-free"
},
{
"cve": "CVE-2026-23732",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2026-01-19T18:01:18.943425+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430881"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FreeRDP. A malicious server can exploit a vulnerability in FastGlyph parsing, which improperly trusts data length without sufficient validation. This can lead to a client-side global buffer overflow, resulting in a denial of service (DoS) due to a crash. For this vulnerability to be exploited, a client must connect to a maliciously-configured server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For this vulnerability to be exploited, a client must connect to a maliciously-configured server. Red Hat recommends that FreeRDP clients are only used to connect to trusted servers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23732"
},
{
"category": "external",
"summary": "RHBZ#2430881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430881"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23732",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23732"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23732",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23732"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/cache/glyph.c#L463-L480",
"url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/cache/glyph.c#L463-L480"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/codec/color.c#L261-L277",
"url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/codec/color.c#L261-L277"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/graphics.c#L138",
"url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/graphics.c#L138"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/orders.c#L2186C17-L2199",
"url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/orders.c#L2186C17-L2199"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0",
"url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7qxp-j2fj-c3pp",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7qxp-j2fj-c3pp"
}
],
"release_date": "2026-01-19T17:12:57.772000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T12:25:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6799"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow"
},
{
"cve": "CVE-2026-23948",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-02-09T20:01:35.778373+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438207"
}
],
"notes": [
{
"category": "description",
"text": "A null pointer dereference has been discovered in FreeRDP. A NULL pointer dereference vulnerability in rdp_write_logon_info_v2() allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23948"
},
{
"category": "external",
"summary": "RHBZ#2438207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23948",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23948"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23948",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23948"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/4d44e3c097656a8b9ec696353647b0888ca45860",
"url": "https://github.com/FreeRDP/FreeRDP/commit/4d44e3c097656a8b9ec696353647b0888ca45860"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6f3c-qvqq-2px5",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6f3c-qvqq-2px5"
}
],
"release_date": "2026-02-09T18:12:00.737000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T12:25:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6799"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()"
},
{
"cve": "CVE-2026-24491",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:01:21.676057+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438202"
}
],
"notes": [
{
"category": "description",
"text": "A use after free flaw has been discovered in FreeRDP. The video_timer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. A malicious server can trigger a client\u2011side heap use after free causing a crash (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a heap-use-after-free in video_timer",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24491"
},
{
"category": "external",
"summary": "RHBZ#2438202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438202"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24491",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24491"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24491",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24491"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/e02e052f6692550e539d10f99de9c35a23492db2",
"url": "https://github.com/FreeRDP/FreeRDP/commit/e02e052f6692550e539d10f99de9c35a23492db2"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4x6j-w49r-869g",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4x6j-w49r-869g"
}
],
"release_date": "2026-02-09T18:13:44.302000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T12:25:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6799"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a heap-use-after-free in video_timer"
},
{
"cve": "CVE-2026-24675",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:02:21.865304+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438221"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer use after free has been discovered in FreeRDP. urb_select_interface can free the device\u0027s MS config on error but later code still dereferences it, leading to a use after free in libusb_udev_select_interface.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24675"
},
{
"category": "external",
"summary": "RHBZ#2438221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438221"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24675"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24675",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24675"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/d676518809c319eec15911c705c13536036af2ae",
"url": "https://github.com/FreeRDP/FreeRDP/commit/d676518809c319eec15911c705c13536036af2ae"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x9jr-99h2-g7mj",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x9jr-99h2-g7mj"
}
],
"release_date": "2026-02-09T18:14:40.667000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T12:25:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6799"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface"
},
{
"cve": "CVE-2026-24676",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:01:18.996877+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438201"
}
],
"notes": [
{
"category": "description",
"text": "A use after free flaw was found in FreeRDP. AUDIN format renegotiation frees the active format list while the capture thread continues using audin-\u003eformat, leading to a use after free in audio_format_compatible. A malicious server can trigger a client\u2011side heap use after free causing a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24676"
},
{
"category": "external",
"summary": "RHBZ#2438201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438201"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24676",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24676"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/026b81ae5831ac1598d8f7371e0d0996fac7db00",
"url": "https://github.com/FreeRDP/FreeRDP/commit/026b81ae5831ac1598d8f7371e0d0996fac7db00"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qh5p-frq4-pgxj",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qh5p-frq4-pgxj"
}
],
"release_date": "2026-02-09T18:15:33.646000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T12:25:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6799"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation"
},
{
"cve": "CVE-2026-24679",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"discovery_date": "2026-02-09T20:02:08.618280+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438217"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer overflow has been discovered in FreeRDP. The URBDRC client uses server-supplied interface numbers as array indices without bounds checks, causing an out-of-bounds read in libusb_udev_select_interface.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24679"
},
{
"category": "external",
"summary": "RHBZ#2438217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438217"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24679"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/2d563a50be17c1b407ca448b1321378c0726dd31",
"url": "https://github.com/FreeRDP/FreeRDP/commit/2d563a50be17c1b407ca448b1321378c0726dd31"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-2jp4-67x6-gv7x",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-2jp4-67x6-gv7x"
}
],
"release_date": "2026-02-09T18:19:00.409000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T12:25:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6799"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface"
},
{
"cve": "CVE-2026-24681",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:01:45.088999+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438210"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer use after free has been discovered in FreeRDP. Asynchronous bulk transfer completions can use a freed channel callback after URBDRC channel close, leading to a use after free in urb_write_completion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24681"
},
{
"category": "external",
"summary": "RHBZ#2438210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438210"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24681",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24681"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24681",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24681"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/414f701464929c217f2509bcbd6d2c1f00f7ed73",
"url": "https://github.com/FreeRDP/FreeRDP/commit/414f701464929c217f2509bcbd6d2c1f00f7ed73"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-ccvv-hg2w-6x9j",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-ccvv-hg2w-6x9j"
}
],
"release_date": "2026-02-09T18:20:39.732000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T12:25:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6799"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb"
},
{
"cve": "CVE-2026-24682",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-02-09T20:01:54.069961+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438212"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer overflow has been discovered in FreeRDP. audin_server_recv_formats frees an incorrect number of audio formats on parse failure (i + i), leading to out-of-bounds access in audio_formats_free.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a Heap-buffer-overflow in audio_formats_free",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24682"
},
{
"category": "external",
"summary": "RHBZ#2438212",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438212"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24682",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24682"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24682",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24682"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/1c5c74223179d425a1ce6dbbb6a3dd2a958b7aee",
"url": "https://github.com/FreeRDP/FreeRDP/commit/1c5c74223179d425a1ce6dbbb6a3dd2a958b7aee"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vcw2-pqgw-mx6g",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vcw2-pqgw-mx6g"
}
],
"release_date": "2026-02-09T18:21:39.733000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T12:25:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6799"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a Heap-buffer-overflow in audio_formats_free"
},
{
"cve": "CVE-2026-24683",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:02:05.563918+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438216"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer use after free has been discovered in FreeRDP. ainput_send_input_event caches channel_callback in a local variable and later uses it without synchronization; a concurrent channel close can free or reinitialize the callback, leading to a use after free.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24683"
},
{
"category": "external",
"summary": "RHBZ#2438216",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438216"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24683",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24683"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24683",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24683"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/d9ca272dce7a776ab475e9b1a8e8c3d2968c8486",
"url": "https://github.com/FreeRDP/FreeRDP/commit/d9ca272dce7a776ab475e9b1a8e8c3d2968c8486"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-45pf-68pj-fg8q",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-45pf-68pj-fg8q"
}
],
"release_date": "2026-02-09T18:22:17.636000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T12:25:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6799"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event"
},
{
"cve": "CVE-2026-24684",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-02-09T20:01:39.156545+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438208"
}
],
"notes": [
{
"category": "description",
"text": "A heap use after free has been discovered in FreeRDP. The RDPSND async playback thread can process queued PDUs after the channel is closed and internal state is freed, leading to a use after free in rdpsnd_treat_wave.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a Heap-use-after-free in play_thread",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24684"
},
{
"category": "external",
"summary": "RHBZ#2438208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438208"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24684",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24684"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24684",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24684"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/622bb7b4402491ca003f47472d0e478132673696",
"url": "https://github.com/FreeRDP/FreeRDP/commit/622bb7b4402491ca003f47472d0e478132673696"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/afa6851dc80835d3101e40fcef51b6c5c0f43ea5",
"url": "https://github.com/FreeRDP/FreeRDP/commit/afa6851dc80835d3101e40fcef51b6c5c0f43ea5"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vcgv-xgjp-h83q",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vcgv-xgjp-h83q"
}
],
"release_date": "2026-02-09T18:23:02.882000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T12:25:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6799"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a Heap-use-after-free in play_thread"
},
{
"cve": "CVE-2026-31806",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-03-13T18:02:52.800795+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447376"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol (RDP). The `gdi_surface_bits()` function, which processes `SURFACE_BITS_COMMAND` messages, does not properly validate image dimensions (`bmp.width` and `bmp.height`) provided by a malicious RDP server. This can lead to a heap buffer overflow during bitmap decoding and memory operations. A remote attacker could exploit this to overwrite adjacent memory, potentially resulting in arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For this vulnerability to be exploited, a susceptible system must connect to a malicious server. For that reason, Red Hat recommends that you only use FreeRDP to connect to trusted servers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-31806"
},
{
"category": "external",
"summary": "RHBZ#2447376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-31806",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31806"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-31806",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31806"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/83d9aedea278a74af3e490ff5eeb889c016dbb2b",
"url": "https://github.com/FreeRDP/FreeRDP/commit/83d9aedea278a74af3e490ff5eeb889c016dbb2b"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrqm-46rj-cmx2",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrqm-46rj-cmx2"
}
],
"release_date": "2026-03-13T17:40:19.920000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T12:25:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6799"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"AppStream-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"AppStream-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.src",
"CRB-10.1.Z:freerdp-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-debugsource-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-devel-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-libs-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:freerdp-server-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-debuginfo-2:3.10.3-5.el10_1.5.x86_64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.aarch64",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.ppc64le",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.s390x",
"CRB-10.1.Z:libwinpr-devel-2:3.10.3-5.el10_1.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages"
}
]
}
RHSA-2026:6958
Vulnerability from csaf_redhat - Published: 2026-04-08 05:18 - Updated: 2026-04-08 13:34Summary
Red Hat Security Advisory: freerdp security update
Severity
Important
Notes
Topic: An update for freerdp is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.
Security Fix(es):
* freerdp: FreeRDP heap-use-after-free (CVE-2026-22856)
* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22854)
* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22852)
* freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow (CVE-2026-23732)
* freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation (CVE-2026-24676)
* freerdp: FreeRDP has a heap-use-after-free in video_timer (CVE-2026-24491)
* freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2() (CVE-2026-23948)
* freerdp: FreeRDP has a Heap-use-after-free in play_thread (CVE-2026-24684)
* freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb (CVE-2026-24681)
* freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event (CVE-2026-24683)
* freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface (CVE-2026-24679)
* freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface (CVE-2026-24675)
* freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages (CVE-2026-31806)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A heap based buffer overflow has been discovered in FreeRDP. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input (AUDIN) format lists. audin_process_formats reuses callback->formats_count across multiple MSG_SNDIN_FORMATS PDUs and writes past the newly allocated formats array, causing memory corruption and a crash.
5.6 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6958
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory.
8.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6958
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap use after free flaw has been discovered in FreeRDP. A race in the serial channel IRP thread tracking allows a heap use‑after‑free when one thread removes an entry from serial->IrpThreads while another reads it.
8.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6958
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in FreeRDP. A malicious server can exploit a vulnerability in FastGlyph parsing, which improperly trusts data length without sufficient validation. This can lead to a client-side global buffer overflow, resulting in a denial of service (DoS) due to a crash. For this vulnerability to be exploited, a client must connect to a maliciously-configured server.
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6958
A null pointer dereference has been discovered in FreeRDP. A NULL pointer dereference vulnerability in rdp_write_logon_info_v2() allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6958
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A use after free flaw has been discovered in FreeRDP. The video_timer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. A malicious server can trigger a client‑side heap use after free causing a crash (DoS).
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6958
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap buffer use after free has been discovered in FreeRDP. urb_select_interface can free the device's MS config on error but later code still dereferences it, leading to a use after free in libusb_udev_select_interface.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6958
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A use after free flaw was found in FreeRDP. AUDIN format renegotiation frees the active format list while the capture thread continues using audin->format, leading to a use after free in audio_format_compatible. A malicious server can trigger a client‑side heap use after free causing a crash.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6958
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap buffer overflow has been discovered in FreeRDP. The URBDRC client uses server-supplied interface numbers as array indices without bounds checks, causing an out-of-bounds read in libusb_udev_select_interface.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6958
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap buffer use after free has been discovered in FreeRDP. Asynchronous bulk transfer completions can use a freed channel callback after URBDRC channel close, leading to a use after free in urb_write_completion.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6958
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap buffer use after free has been discovered in FreeRDP. ainput_send_input_event caches channel_callback in a local variable and later uses it without synchronization; a concurrent channel close can free or reinitialize the callback, leading to a use after free.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6958
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap use after free has been discovered in FreeRDP. The RDPSND async playback thread can process queued PDUs after the channel is closed and internal state is freed, leading to a use after free in rdpsnd_treat_wave.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6958
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol (RDP). The `gdi_surface_bits()` function, which processes `SURFACE_BITS_COMMAND` messages, does not properly validate image dimensions (`bmp.width` and `bmp.height`) provided by a malicious RDP server. This can lead to a heap buffer overflow during bitmap decoding and memory operations. A remote attacker could exploit this to overwrite adjacent memory, potentially resulting in arbitrary code execution.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6958
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for freerdp is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.\n\nSecurity Fix(es):\n\n* freerdp: FreeRDP heap-use-after-free (CVE-2026-22856)\n\n* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22854)\n\n* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22852)\n\n* freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow (CVE-2026-23732)\n\n* freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation (CVE-2026-24676)\n\n* freerdp: FreeRDP has a heap-use-after-free in video_timer (CVE-2026-24491)\n\n* freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2() (CVE-2026-23948)\n\n* freerdp: FreeRDP has a Heap-use-after-free in play_thread (CVE-2026-24684)\n\n* freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb (CVE-2026-24681)\n\n* freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event (CVE-2026-24683)\n\n* freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface (CVE-2026-24679)\n\n* freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface (CVE-2026-24675)\n\n* freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages (CVE-2026-31806)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:6958",
"url": "https://access.redhat.com/errata/RHSA-2026:6958"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2429650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429650"
},
{
"category": "external",
"summary": "2429652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429652"
},
{
"category": "external",
"summary": "2429654",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429654"
},
{
"category": "external",
"summary": "2430881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430881"
},
{
"category": "external",
"summary": "2438201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438201"
},
{
"category": "external",
"summary": "2438202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438202"
},
{
"category": "external",
"summary": "2438207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438207"
},
{
"category": "external",
"summary": "2438208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438208"
},
{
"category": "external",
"summary": "2438210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438210"
},
{
"category": "external",
"summary": "2438216",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438216"
},
{
"category": "external",
"summary": "2438217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438217"
},
{
"category": "external",
"summary": "2438221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438221"
},
{
"category": "external",
"summary": "2447376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447376"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_6958.json"
}
],
"title": "Red Hat Security Advisory: freerdp security update",
"tracking": {
"current_release_date": "2026-04-08T13:34:43+00:00",
"generator": {
"date": "2026-04-08T13:34:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2026:6958",
"initial_release_date": "2026-04-08T05:18:01+00:00",
"revision_history": [
{
"date": "2026-04-08T05:18:01+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-08T05:18:01+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-08T13:34:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.4::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product": {
"name": "Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.4::crb"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.11.2-1.el9_4.5.src",
"product": {
"name": "freerdp-2:2.11.2-1.el9_4.5.src",
"product_id": "freerdp-2:2.11.2-1.el9_4.5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.11.2-1.el9_4.5?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.11.2-1.el9_4.5.aarch64",
"product": {
"name": "freerdp-2:2.11.2-1.el9_4.5.aarch64",
"product_id": "freerdp-2:2.11.2-1.el9_4.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.11.2-1.el9_4.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"product": {
"name": "freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"product_id": "freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.11.2-1.el9_4.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"product": {
"name": "libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"product_id": "libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.11.2-1.el9_4.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"product": {
"name": "freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"product_id": "freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.11.2-1.el9_4.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"product": {
"name": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"product_id": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.11.2-1.el9_4.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"product": {
"name": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"product_id": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.2-1.el9_4.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"product": {
"name": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"product_id": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.11.2-1.el9_4.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"product": {
"name": "freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"product_id": "freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.11.2-1.el9_4.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"product": {
"name": "libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"product_id": "libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.11.2-1.el9_4.5?arch=aarch64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"product": {
"name": "freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"product_id": "freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.11.2-1.el9_4.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"product": {
"name": "freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"product_id": "freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.11.2-1.el9_4.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"product": {
"name": "libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"product_id": "libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.11.2-1.el9_4.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"product": {
"name": "freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"product_id": "freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.11.2-1.el9_4.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"product": {
"name": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"product_id": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.11.2-1.el9_4.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"product": {
"name": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"product_id": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.2-1.el9_4.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"product": {
"name": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"product_id": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.11.2-1.el9_4.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"product": {
"name": "freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"product_id": "freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.11.2-1.el9_4.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"product": {
"name": "libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"product_id": "libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.11.2-1.el9_4.5?arch=ppc64le\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.11.2-1.el9_4.5.x86_64",
"product": {
"name": "freerdp-2:2.11.2-1.el9_4.5.x86_64",
"product_id": "freerdp-2:2.11.2-1.el9_4.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.11.2-1.el9_4.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"product": {
"name": "freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"product_id": "freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.11.2-1.el9_4.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"product": {
"name": "libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"product_id": "libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.11.2-1.el9_4.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"product": {
"name": "freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"product_id": "freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.11.2-1.el9_4.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"product": {
"name": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"product_id": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.11.2-1.el9_4.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"product": {
"name": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"product_id": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.2-1.el9_4.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"product": {
"name": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"product_id": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.11.2-1.el9_4.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"product": {
"name": "freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"product_id": "freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.11.2-1.el9_4.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"product": {
"name": "libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"product_id": "libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.11.2-1.el9_4.5?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"product": {
"name": "freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"product_id": "freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.11.2-1.el9_4.5?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.11.2-1.el9_4.5.i686",
"product": {
"name": "libwinpr-2:2.11.2-1.el9_4.5.i686",
"product_id": "libwinpr-2:2.11.2-1.el9_4.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.11.2-1.el9_4.5?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"product": {
"name": "freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"product_id": "freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.11.2-1.el9_4.5?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"product": {
"name": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"product_id": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.11.2-1.el9_4.5?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"product": {
"name": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"product_id": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.2-1.el9_4.5?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"product": {
"name": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"product_id": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.11.2-1.el9_4.5?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"product": {
"name": "freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"product_id": "freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.11.2-1.el9_4.5?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"product": {
"name": "libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"product_id": "libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.11.2-1.el9_4.5?arch=i686\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.11.2-1.el9_4.5.s390x",
"product": {
"name": "freerdp-2:2.11.2-1.el9_4.5.s390x",
"product_id": "freerdp-2:2.11.2-1.el9_4.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.11.2-1.el9_4.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"product": {
"name": "freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"product_id": "freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.11.2-1.el9_4.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.11.2-1.el9_4.5.s390x",
"product": {
"name": "libwinpr-2:2.11.2-1.el9_4.5.s390x",
"product_id": "libwinpr-2:2.11.2-1.el9_4.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.11.2-1.el9_4.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"product": {
"name": "freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"product_id": "freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.11.2-1.el9_4.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"product": {
"name": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"product_id": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.11.2-1.el9_4.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"product": {
"name": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"product_id": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.2-1.el9_4.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"product": {
"name": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"product_id": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.11.2-1.el9_4.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"product": {
"name": "freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"product_id": "freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.11.2-1.el9_4.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"product": {
"name": "libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"product_id": "libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.11.2-1.el9_4.5?arch=s390x\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.2-1.el9_4.5.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64"
},
"product_reference": "freerdp-2:2.11.2-1.el9_4.5.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.2-1.el9_4.5.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le"
},
"product_reference": "freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.2-1.el9_4.5.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x"
},
"product_reference": "freerdp-2:2.11.2-1.el9_4.5.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.2-1.el9_4.5.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src"
},
"product_reference": "freerdp-2:2.11.2-1.el9_4.5.src",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.2-1.el9_4.5.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64"
},
"product_reference": "freerdp-2:2.11.2-1.el9_4.5.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64"
},
"product_reference": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686"
},
"product_reference": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le"
},
"product_reference": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x"
},
"product_reference": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64"
},
"product_reference": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64"
},
"product_reference": "freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.2-1.el9_4.5.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686"
},
"product_reference": "freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le"
},
"product_reference": "freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x"
},
"product_reference": "freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64"
},
"product_reference": "freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.2-1.el9_4.5.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64"
},
"product_reference": "freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.2-1.el9_4.5.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686"
},
"product_reference": "freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le"
},
"product_reference": "freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.2-1.el9_4.5.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x"
},
"product_reference": "freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.2-1.el9_4.5.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64"
},
"product_reference": "freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.2-1.el9_4.5.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64"
},
"product_reference": "freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.2-1.el9_4.5.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686"
},
"product_reference": "freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le"
},
"product_reference": "freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.2-1.el9_4.5.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x"
},
"product_reference": "freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.2-1.el9_4.5.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64"
},
"product_reference": "freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.2-1.el9_4.5.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64"
},
"product_reference": "libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.2-1.el9_4.5.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686"
},
"product_reference": "libwinpr-2:2.11.2-1.el9_4.5.i686",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.2-1.el9_4.5.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le"
},
"product_reference": "libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.2-1.el9_4.5.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x"
},
"product_reference": "libwinpr-2:2.11.2-1.el9_4.5.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.2-1.el9_4.5.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64"
},
"product_reference": "libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64"
},
"product_reference": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686"
},
"product_reference": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le"
},
"product_reference": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x"
},
"product_reference": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64"
},
"product_reference": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64"
},
"product_reference": "libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.2-1.el9_4.5.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686"
},
"product_reference": "libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le"
},
"product_reference": "libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.2-1.el9_4.5.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x"
},
"product_reference": "libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
},
"product_reference": "libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.2-1.el9_4.5.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64"
},
"product_reference": "freerdp-2:2.11.2-1.el9_4.5.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.2-1.el9_4.5.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le"
},
"product_reference": "freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.2-1.el9_4.5.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x"
},
"product_reference": "freerdp-2:2.11.2-1.el9_4.5.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.2-1.el9_4.5.src as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src"
},
"product_reference": "freerdp-2:2.11.2-1.el9_4.5.src",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.2-1.el9_4.5.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64"
},
"product_reference": "freerdp-2:2.11.2-1.el9_4.5.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64"
},
"product_reference": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686"
},
"product_reference": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le"
},
"product_reference": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x"
},
"product_reference": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64"
},
"product_reference": "freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64"
},
"product_reference": "freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.2-1.el9_4.5.i686 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686"
},
"product_reference": "freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le"
},
"product_reference": "freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x"
},
"product_reference": "freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64"
},
"product_reference": "freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.2-1.el9_4.5.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64"
},
"product_reference": "freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.2-1.el9_4.5.i686 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686"
},
"product_reference": "freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le"
},
"product_reference": "freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.2-1.el9_4.5.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x"
},
"product_reference": "freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.2-1.el9_4.5.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64"
},
"product_reference": "freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.2-1.el9_4.5.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64"
},
"product_reference": "freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.2-1.el9_4.5.i686 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686"
},
"product_reference": "freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le"
},
"product_reference": "freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.2-1.el9_4.5.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x"
},
"product_reference": "freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.2-1.el9_4.5.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64"
},
"product_reference": "freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.2-1.el9_4.5.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64"
},
"product_reference": "libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.2-1.el9_4.5.i686 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686"
},
"product_reference": "libwinpr-2:2.11.2-1.el9_4.5.i686",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.2-1.el9_4.5.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le"
},
"product_reference": "libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.2-1.el9_4.5.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x"
},
"product_reference": "libwinpr-2:2.11.2-1.el9_4.5.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.2-1.el9_4.5.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64"
},
"product_reference": "libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64"
},
"product_reference": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686"
},
"product_reference": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le"
},
"product_reference": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x"
},
"product_reference": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64"
},
"product_reference": "libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64"
},
"product_reference": "libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.2-1.el9_4.5.i686 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686"
},
"product_reference": "libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le"
},
"product_reference": "libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.2-1.el9_4.5.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x"
},
"product_reference": "libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.4)",
"product_id": "CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
},
"product_reference": "libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"relates_to_product_reference": "CRB-9.4.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-22852",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-01-14T18:01:37.291284+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2429654"
}
],
"notes": [
{
"category": "description",
"text": "A heap based buffer overflow has been discovered in FreeRDP. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input (AUDIN) format lists. audin_process_formats reuses callback-\u003eformats_count across multiple MSG_SNDIN_FORMATS PDUs and writes past the newly allocated formats array, causing memory corruption and a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP heap-buffer-overflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22852"
},
{
"category": "external",
"summary": "RHBZ#2429654",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429654"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22852",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22852"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22852",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22852"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
"url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9chc-g79v-4qq4",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9chc-g79v-4qq4"
}
],
"release_date": "2026-01-14T17:45:22.253000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T05:18:01+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6958"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP heap-buffer-overflow"
},
{
"cve": "CVE-2026-22854",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2026-01-14T18:01:27.671391+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2429652"
}
],
"notes": [
{
"category": "description",
"text": "A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP heap-buffer-overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat products in their default configuration employ Address Space Layout Randomization (ASLR) which drastically increases the complexity of the successful exploitation of this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22854"
},
{
"category": "external",
"summary": "RHBZ#2429652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429652"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22854",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22854"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22854",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22854"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
"url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-47vj-g3c3-3rmf",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-47vj-g3c3-3rmf"
}
],
"release_date": "2026-01-14T17:47:49.588000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T05:18:01+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6958"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP heap-buffer-overflow"
},
{
"cve": "CVE-2026-22856",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2026-01-14T18:01:14.358085+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2429650"
}
],
"notes": [
{
"category": "description",
"text": "A heap use after free flaw has been discovered in FreeRDP. A race in the serial channel IRP thread tracking allows a heap use\u2011after\u2011free when one thread removes an entry from serial-\u003eIrpThreads while another reads it.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP heap-use-after-free",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22856"
},
{
"category": "external",
"summary": "RHBZ#2429650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429650"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22856",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22856"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22856",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22856"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
"url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-w842-c386-fxhv",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-w842-c386-fxhv"
}
],
"release_date": "2026-01-14T17:53:04.756000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T05:18:01+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6958"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP heap-use-after-free"
},
{
"cve": "CVE-2026-23732",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2026-01-19T18:01:18.943425+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430881"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FreeRDP. A malicious server can exploit a vulnerability in FastGlyph parsing, which improperly trusts data length without sufficient validation. This can lead to a client-side global buffer overflow, resulting in a denial of service (DoS) due to a crash. For this vulnerability to be exploited, a client must connect to a maliciously-configured server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For this vulnerability to be exploited, a client must connect to a maliciously-configured server. Red Hat recommends that FreeRDP clients are only used to connect to trusted servers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23732"
},
{
"category": "external",
"summary": "RHBZ#2430881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430881"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23732",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23732"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23732",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23732"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/cache/glyph.c#L463-L480",
"url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/cache/glyph.c#L463-L480"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/codec/color.c#L261-L277",
"url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/codec/color.c#L261-L277"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/graphics.c#L138",
"url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/graphics.c#L138"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/orders.c#L2186C17-L2199",
"url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/orders.c#L2186C17-L2199"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0",
"url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7qxp-j2fj-c3pp",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7qxp-j2fj-c3pp"
}
],
"release_date": "2026-01-19T17:12:57.772000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T05:18:01+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6958"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow"
},
{
"cve": "CVE-2026-23948",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-02-09T20:01:35.778373+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438207"
}
],
"notes": [
{
"category": "description",
"text": "A null pointer dereference has been discovered in FreeRDP. A NULL pointer dereference vulnerability in rdp_write_logon_info_v2() allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23948"
},
{
"category": "external",
"summary": "RHBZ#2438207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23948",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23948"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23948",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23948"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/4d44e3c097656a8b9ec696353647b0888ca45860",
"url": "https://github.com/FreeRDP/FreeRDP/commit/4d44e3c097656a8b9ec696353647b0888ca45860"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6f3c-qvqq-2px5",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6f3c-qvqq-2px5"
}
],
"release_date": "2026-02-09T18:12:00.737000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T05:18:01+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6958"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()"
},
{
"cve": "CVE-2026-24491",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:01:21.676057+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438202"
}
],
"notes": [
{
"category": "description",
"text": "A use after free flaw has been discovered in FreeRDP. The video_timer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. A malicious server can trigger a client\u2011side heap use after free causing a crash (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a heap-use-after-free in video_timer",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24491"
},
{
"category": "external",
"summary": "RHBZ#2438202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438202"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24491",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24491"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24491",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24491"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/e02e052f6692550e539d10f99de9c35a23492db2",
"url": "https://github.com/FreeRDP/FreeRDP/commit/e02e052f6692550e539d10f99de9c35a23492db2"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4x6j-w49r-869g",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4x6j-w49r-869g"
}
],
"release_date": "2026-02-09T18:13:44.302000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T05:18:01+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6958"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a heap-use-after-free in video_timer"
},
{
"cve": "CVE-2026-24675",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:02:21.865304+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438221"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer use after free has been discovered in FreeRDP. urb_select_interface can free the device\u0027s MS config on error but later code still dereferences it, leading to a use after free in libusb_udev_select_interface.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24675"
},
{
"category": "external",
"summary": "RHBZ#2438221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438221"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24675"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24675",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24675"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/d676518809c319eec15911c705c13536036af2ae",
"url": "https://github.com/FreeRDP/FreeRDP/commit/d676518809c319eec15911c705c13536036af2ae"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x9jr-99h2-g7mj",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x9jr-99h2-g7mj"
}
],
"release_date": "2026-02-09T18:14:40.667000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T05:18:01+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6958"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface"
},
{
"cve": "CVE-2026-24676",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:01:18.996877+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438201"
}
],
"notes": [
{
"category": "description",
"text": "A use after free flaw was found in FreeRDP. AUDIN format renegotiation frees the active format list while the capture thread continues using audin-\u003eformat, leading to a use after free in audio_format_compatible. A malicious server can trigger a client\u2011side heap use after free causing a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24676"
},
{
"category": "external",
"summary": "RHBZ#2438201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438201"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24676",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24676"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/026b81ae5831ac1598d8f7371e0d0996fac7db00",
"url": "https://github.com/FreeRDP/FreeRDP/commit/026b81ae5831ac1598d8f7371e0d0996fac7db00"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qh5p-frq4-pgxj",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qh5p-frq4-pgxj"
}
],
"release_date": "2026-02-09T18:15:33.646000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T05:18:01+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6958"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation"
},
{
"cve": "CVE-2026-24679",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"discovery_date": "2026-02-09T20:02:08.618280+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438217"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer overflow has been discovered in FreeRDP. The URBDRC client uses server-supplied interface numbers as array indices without bounds checks, causing an out-of-bounds read in libusb_udev_select_interface.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24679"
},
{
"category": "external",
"summary": "RHBZ#2438217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438217"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24679"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/2d563a50be17c1b407ca448b1321378c0726dd31",
"url": "https://github.com/FreeRDP/FreeRDP/commit/2d563a50be17c1b407ca448b1321378c0726dd31"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-2jp4-67x6-gv7x",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-2jp4-67x6-gv7x"
}
],
"release_date": "2026-02-09T18:19:00.409000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T05:18:01+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6958"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface"
},
{
"cve": "CVE-2026-24681",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:01:45.088999+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438210"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer use after free has been discovered in FreeRDP. Asynchronous bulk transfer completions can use a freed channel callback after URBDRC channel close, leading to a use after free in urb_write_completion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24681"
},
{
"category": "external",
"summary": "RHBZ#2438210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438210"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24681",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24681"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24681",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24681"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/414f701464929c217f2509bcbd6d2c1f00f7ed73",
"url": "https://github.com/FreeRDP/FreeRDP/commit/414f701464929c217f2509bcbd6d2c1f00f7ed73"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-ccvv-hg2w-6x9j",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-ccvv-hg2w-6x9j"
}
],
"release_date": "2026-02-09T18:20:39.732000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T05:18:01+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6958"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb"
},
{
"cve": "CVE-2026-24683",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:02:05.563918+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438216"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer use after free has been discovered in FreeRDP. ainput_send_input_event caches channel_callback in a local variable and later uses it without synchronization; a concurrent channel close can free or reinitialize the callback, leading to a use after free.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24683"
},
{
"category": "external",
"summary": "RHBZ#2438216",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438216"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24683",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24683"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24683",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24683"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/d9ca272dce7a776ab475e9b1a8e8c3d2968c8486",
"url": "https://github.com/FreeRDP/FreeRDP/commit/d9ca272dce7a776ab475e9b1a8e8c3d2968c8486"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-45pf-68pj-fg8q",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-45pf-68pj-fg8q"
}
],
"release_date": "2026-02-09T18:22:17.636000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T05:18:01+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6958"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event"
},
{
"cve": "CVE-2026-24684",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-02-09T20:01:39.156545+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438208"
}
],
"notes": [
{
"category": "description",
"text": "A heap use after free has been discovered in FreeRDP. The RDPSND async playback thread can process queued PDUs after the channel is closed and internal state is freed, leading to a use after free in rdpsnd_treat_wave.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a Heap-use-after-free in play_thread",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24684"
},
{
"category": "external",
"summary": "RHBZ#2438208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438208"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24684",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24684"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24684",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24684"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/622bb7b4402491ca003f47472d0e478132673696",
"url": "https://github.com/FreeRDP/FreeRDP/commit/622bb7b4402491ca003f47472d0e478132673696"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/afa6851dc80835d3101e40fcef51b6c5c0f43ea5",
"url": "https://github.com/FreeRDP/FreeRDP/commit/afa6851dc80835d3101e40fcef51b6c5c0f43ea5"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vcgv-xgjp-h83q",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vcgv-xgjp-h83q"
}
],
"release_date": "2026-02-09T18:23:02.882000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T05:18:01+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6958"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a Heap-use-after-free in play_thread"
},
{
"cve": "CVE-2026-31806",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-03-13T18:02:52.800795+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447376"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol (RDP). The `gdi_surface_bits()` function, which processes `SURFACE_BITS_COMMAND` messages, does not properly validate image dimensions (`bmp.width` and `bmp.height`) provided by a malicious RDP server. This can lead to a heap buffer overflow during bitmap decoding and memory operations. A remote attacker could exploit this to overwrite adjacent memory, potentially resulting in arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For this vulnerability to be exploited, a susceptible system must connect to a malicious server. For that reason, Red Hat recommends that you only use FreeRDP to connect to trusted servers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-31806"
},
{
"category": "external",
"summary": "RHBZ#2447376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-31806",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31806"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-31806",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31806"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/83d9aedea278a74af3e490ff5eeb889c016dbb2b",
"url": "https://github.com/FreeRDP/FreeRDP/commit/83d9aedea278a74af3e490ff5eeb889c016dbb2b"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrqm-46rj-cmx2",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrqm-46rj-cmx2"
}
],
"release_date": "2026-03-13T17:40:19.920000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T05:18:01+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6958"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"AppStream-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"AppStream-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.src",
"CRB-9.4.0.Z.EUS:freerdp-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-debugsource-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-devel-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-debuginfo-2:2.11.2-1.el9_4.5.x86_64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.aarch64",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.i686",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.ppc64le",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.s390x",
"CRB-9.4.0.Z.EUS:libwinpr-devel-2:2.11.2-1.el9_4.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages"
}
]
}
RHSA-2026:6743
Vulnerability from csaf_redhat - Published: 2026-04-07 07:47 - Updated: 2026-04-08 13:34Summary
Red Hat Security Advisory: freerdp security update
Severity
Important
Notes
Topic: An update for freerdp is now available for Red Hat Enterprise Linux 10.0 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.
Security Fix(es):
* freerdp: FreeRDP heap-use-after-free (CVE-2026-22856)
* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22854)
* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22852)
* freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow (CVE-2026-23732)
* freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation (CVE-2026-24676)
* freerdp: FreeRDP has a heap-use-after-free in video_timer (CVE-2026-24491)
* freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2() (CVE-2026-23948)
* freerdp: FreeRDP has a Heap-use-after-free in play_thread (CVE-2026-24684)
* freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb (CVE-2026-24681)
* freerdp: FreeRDP has a Heap-buffer-overflow in audio_formats_free (CVE-2026-24682)
* freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event (CVE-2026-24683)
* freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface (CVE-2026-24679)
* freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface (CVE-2026-24675)
* freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages (CVE-2026-31806)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A heap based buffer overflow has been discovered in FreeRDP. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input (AUDIN) format lists. audin_process_formats reuses callback->formats_count across multiple MSG_SNDIN_FORMATS PDUs and writes past the newly allocated formats array, causing memory corruption and a crash.
5.6 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6743
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory.
8.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6743
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap use after free flaw has been discovered in FreeRDP. A race in the serial channel IRP thread tracking allows a heap use‑after‑free when one thread removes an entry from serial->IrpThreads while another reads it.
8.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6743
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in FreeRDP. A malicious server can exploit a vulnerability in FastGlyph parsing, which improperly trusts data length without sufficient validation. This can lead to a client-side global buffer overflow, resulting in a denial of service (DoS) due to a crash. For this vulnerability to be exploited, a client must connect to a maliciously-configured server.
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6743
A null pointer dereference has been discovered in FreeRDP. A NULL pointer dereference vulnerability in rdp_write_logon_info_v2() allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6743
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A use after free flaw has been discovered in FreeRDP. The video_timer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. A malicious server can trigger a client‑side heap use after free causing a crash (DoS).
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6743
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap buffer use after free has been discovered in FreeRDP. urb_select_interface can free the device's MS config on error but later code still dereferences it, leading to a use after free in libusb_udev_select_interface.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6743
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A use after free flaw was found in FreeRDP. AUDIN format renegotiation frees the active format list while the capture thread continues using audin->format, leading to a use after free in audio_format_compatible. A malicious server can trigger a client‑side heap use after free causing a crash.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6743
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap buffer overflow has been discovered in FreeRDP. The URBDRC client uses server-supplied interface numbers as array indices without bounds checks, causing an out-of-bounds read in libusb_udev_select_interface.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6743
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap buffer use after free has been discovered in FreeRDP. Asynchronous bulk transfer completions can use a freed channel callback after URBDRC channel close, leading to a use after free in urb_write_completion.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6743
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap buffer overflow has been discovered in FreeRDP. audin_server_recv_formats frees an incorrect number of audio formats on parse failure (i + i), leading to out-of-bounds access in audio_formats_free.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6743
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap buffer use after free has been discovered in FreeRDP. ainput_send_input_event caches channel_callback in a local variable and later uses it without synchronization; a concurrent channel close can free or reinitialize the callback, leading to a use after free.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6743
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap use after free has been discovered in FreeRDP. The RDPSND async playback thread can process queued PDUs after the channel is closed and internal state is freed, leading to a use after free in rdpsnd_treat_wave.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6743
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol (RDP). The `gdi_surface_bits()` function, which processes `SURFACE_BITS_COMMAND` messages, does not properly validate image dimensions (`bmp.width` and `bmp.height`) provided by a malicious RDP server. This can lead to a heap buffer overflow during bitmap decoding and memory operations. A remote attacker could exploit this to overwrite adjacent memory, potentially resulting in arbitrary code execution.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6743
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for freerdp is now available for Red Hat Enterprise Linux 10.0 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.\n\nSecurity Fix(es):\n\n* freerdp: FreeRDP heap-use-after-free (CVE-2026-22856)\n\n* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22854)\n\n* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22852)\n\n* freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow (CVE-2026-23732)\n\n* freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation (CVE-2026-24676)\n\n* freerdp: FreeRDP has a heap-use-after-free in video_timer (CVE-2026-24491)\n\n* freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2() (CVE-2026-23948)\n\n* freerdp: FreeRDP has a Heap-use-after-free in play_thread (CVE-2026-24684)\n\n* freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb (CVE-2026-24681)\n\n* freerdp: FreeRDP has a Heap-buffer-overflow in audio_formats_free (CVE-2026-24682)\n\n* freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event (CVE-2026-24683)\n\n* freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface (CVE-2026-24679)\n\n* freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface (CVE-2026-24675)\n\n* freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages (CVE-2026-31806)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:6743",
"url": "https://access.redhat.com/errata/RHSA-2026:6743"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2429650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429650"
},
{
"category": "external",
"summary": "2429652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429652"
},
{
"category": "external",
"summary": "2429654",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429654"
},
{
"category": "external",
"summary": "2430881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430881"
},
{
"category": "external",
"summary": "2438201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438201"
},
{
"category": "external",
"summary": "2438202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438202"
},
{
"category": "external",
"summary": "2438207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438207"
},
{
"category": "external",
"summary": "2438208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438208"
},
{
"category": "external",
"summary": "2438210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438210"
},
{
"category": "external",
"summary": "2438212",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438212"
},
{
"category": "external",
"summary": "2438216",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438216"
},
{
"category": "external",
"summary": "2438217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438217"
},
{
"category": "external",
"summary": "2438221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438221"
},
{
"category": "external",
"summary": "2447376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447376"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_6743.json"
}
],
"title": "Red Hat Security Advisory: freerdp security update",
"tracking": {
"current_release_date": "2026-04-08T13:34:42+00:00",
"generator": {
"date": "2026-04-08T13:34:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2026:6743",
"initial_release_date": "2026-04-07T07:47:22+00:00",
"revision_history": [
{
"date": "2026-04-07T07:47:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-07T07:47:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-08T13:34:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux_eus:10.0"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product": {
"name": "Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux_eus:10.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:3.10.3-3.el10_0.5.s390x",
"product": {
"name": "freerdp-2:3.10.3-3.el10_0.5.s390x",
"product_id": "freerdp-2:3.10.3-3.el10_0.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@3.10.3-3.el10_0.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"product": {
"name": "freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"product_id": "freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@3.10.3-3.el10_0.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:3.10.3-3.el10_0.5.s390x",
"product": {
"name": "libwinpr-2:3.10.3-3.el10_0.5.s390x",
"product_id": "libwinpr-2:3.10.3-3.el10_0.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@3.10.3-3.el10_0.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"product": {
"name": "freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"product_id": "freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@3.10.3-3.el10_0.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"product": {
"name": "freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"product_id": "freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@3.10.3-3.el10_0.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"product": {
"name": "freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"product_id": "freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@3.10.3-3.el10_0.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"product": {
"name": "freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"product_id": "freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-server-debuginfo@3.10.3-3.el10_0.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"product": {
"name": "libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"product_id": "libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@3.10.3-3.el10_0.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"product": {
"name": "freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"product_id": "freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@3.10.3-3.el10_0.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"product": {
"name": "freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"product_id": "freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-server@3.10.3-3.el10_0.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"product": {
"name": "libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"product_id": "libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@3.10.3-3.el10_0.5?arch=s390x\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:3.10.3-3.el10_0.5.x86_64",
"product": {
"name": "freerdp-2:3.10.3-3.el10_0.5.x86_64",
"product_id": "freerdp-2:3.10.3-3.el10_0.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@3.10.3-3.el10_0.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"product": {
"name": "freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"product_id": "freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@3.10.3-3.el10_0.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"product": {
"name": "libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"product_id": "libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@3.10.3-3.el10_0.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"product": {
"name": "freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"product_id": "freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@3.10.3-3.el10_0.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"product": {
"name": "freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"product_id": "freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@3.10.3-3.el10_0.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"product": {
"name": "freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"product_id": "freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@3.10.3-3.el10_0.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"product": {
"name": "freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"product_id": "freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-server-debuginfo@3.10.3-3.el10_0.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"product": {
"name": "libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"product_id": "libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@3.10.3-3.el10_0.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"product": {
"name": "freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"product_id": "freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@3.10.3-3.el10_0.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"product": {
"name": "freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"product_id": "freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-server@3.10.3-3.el10_0.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"product": {
"name": "libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"product_id": "libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@3.10.3-3.el10_0.5?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:3.10.3-3.el10_0.5.src",
"product": {
"name": "freerdp-2:3.10.3-3.el10_0.5.src",
"product_id": "freerdp-2:3.10.3-3.el10_0.5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@3.10.3-3.el10_0.5?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:3.10.3-3.el10_0.5.aarch64",
"product": {
"name": "freerdp-2:3.10.3-3.el10_0.5.aarch64",
"product_id": "freerdp-2:3.10.3-3.el10_0.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@3.10.3-3.el10_0.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"product": {
"name": "freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"product_id": "freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@3.10.3-3.el10_0.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"product": {
"name": "libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"product_id": "libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@3.10.3-3.el10_0.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"product": {
"name": "freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"product_id": "freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@3.10.3-3.el10_0.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"product": {
"name": "freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"product_id": "freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@3.10.3-3.el10_0.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"product": {
"name": "freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"product_id": "freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@3.10.3-3.el10_0.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"product": {
"name": "freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"product_id": "freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-server-debuginfo@3.10.3-3.el10_0.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"product": {
"name": "libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"product_id": "libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@3.10.3-3.el10_0.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"product": {
"name": "freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"product_id": "freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@3.10.3-3.el10_0.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"product": {
"name": "freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"product_id": "freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-server@3.10.3-3.el10_0.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"product": {
"name": "libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"product_id": "libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@3.10.3-3.el10_0.5?arch=aarch64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"product": {
"name": "freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"product_id": "freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@3.10.3-3.el10_0.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"product": {
"name": "freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"product_id": "freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@3.10.3-3.el10_0.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"product": {
"name": "libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"product_id": "libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@3.10.3-3.el10_0.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"product": {
"name": "freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"product_id": "freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@3.10.3-3.el10_0.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"product": {
"name": "freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"product_id": "freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@3.10.3-3.el10_0.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"product": {
"name": "freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"product_id": "freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@3.10.3-3.el10_0.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"product": {
"name": "freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"product_id": "freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-server-debuginfo@3.10.3-3.el10_0.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"product": {
"name": "libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"product_id": "libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@3.10.3-3.el10_0.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"product": {
"name": "freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"product_id": "freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@3.10.3-3.el10_0.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"product": {
"name": "freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"product_id": "freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-server@3.10.3-3.el10_0.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"product": {
"name": "libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"product_id": "libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@3.10.3-3.el10_0.5?arch=ppc64le\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:3.10.3-3.el10_0.5.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64"
},
"product_reference": "freerdp-2:3.10.3-3.el10_0.5.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:3.10.3-3.el10_0.5.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le"
},
"product_reference": "freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:3.10.3-3.el10_0.5.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x"
},
"product_reference": "freerdp-2:3.10.3-3.el10_0.5.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:3.10.3-3.el10_0.5.src as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src"
},
"product_reference": "freerdp-2:3.10.3-3.el10_0.5.src",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:3.10.3-3.el10_0.5.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64"
},
"product_reference": "freerdp-2:3.10.3-3.el10_0.5.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64"
},
"product_reference": "freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le"
},
"product_reference": "freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x"
},
"product_reference": "freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64"
},
"product_reference": "freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64"
},
"product_reference": "freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le"
},
"product_reference": "freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x"
},
"product_reference": "freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64"
},
"product_reference": "freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:3.10.3-3.el10_0.5.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64"
},
"product_reference": "freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le"
},
"product_reference": "freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:3.10.3-3.el10_0.5.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x"
},
"product_reference": "freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:3.10.3-3.el10_0.5.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64"
},
"product_reference": "freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:3.10.3-3.el10_0.5.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64"
},
"product_reference": "freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le"
},
"product_reference": "freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:3.10.3-3.el10_0.5.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x"
},
"product_reference": "freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:3.10.3-3.el10_0.5.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64"
},
"product_reference": "freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64"
},
"product_reference": "freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le"
},
"product_reference": "freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x"
},
"product_reference": "freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64"
},
"product_reference": "freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-2:3.10.3-3.el10_0.5.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64"
},
"product_reference": "freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-2:3.10.3-3.el10_0.5.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le"
},
"product_reference": "freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-2:3.10.3-3.el10_0.5.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x"
},
"product_reference": "freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-2:3.10.3-3.el10_0.5.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64"
},
"product_reference": "freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64"
},
"product_reference": "freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le"
},
"product_reference": "freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x"
},
"product_reference": "freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64"
},
"product_reference": "freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:3.10.3-3.el10_0.5.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64"
},
"product_reference": "libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:3.10.3-3.el10_0.5.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le"
},
"product_reference": "libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:3.10.3-3.el10_0.5.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x"
},
"product_reference": "libwinpr-2:3.10.3-3.el10_0.5.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:3.10.3-3.el10_0.5.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64"
},
"product_reference": "libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64"
},
"product_reference": "libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le"
},
"product_reference": "libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x"
},
"product_reference": "libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64"
},
"product_reference": "libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64"
},
"product_reference": "libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le"
},
"product_reference": "libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:3.10.3-3.el10_0.5.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x"
},
"product_reference": "libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
},
"product_reference": "libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:3.10.3-3.el10_0.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64"
},
"product_reference": "freerdp-2:3.10.3-3.el10_0.5.aarch64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:3.10.3-3.el10_0.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le"
},
"product_reference": "freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:3.10.3-3.el10_0.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x"
},
"product_reference": "freerdp-2:3.10.3-3.el10_0.5.s390x",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:3.10.3-3.el10_0.5.src as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src"
},
"product_reference": "freerdp-2:3.10.3-3.el10_0.5.src",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:3.10.3-3.el10_0.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64"
},
"product_reference": "freerdp-2:3.10.3-3.el10_0.5.x86_64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64"
},
"product_reference": "freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le"
},
"product_reference": "freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x"
},
"product_reference": "freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64"
},
"product_reference": "freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64"
},
"product_reference": "freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le"
},
"product_reference": "freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x"
},
"product_reference": "freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64"
},
"product_reference": "freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:3.10.3-3.el10_0.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64"
},
"product_reference": "freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le"
},
"product_reference": "freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:3.10.3-3.el10_0.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x"
},
"product_reference": "freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:3.10.3-3.el10_0.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64"
},
"product_reference": "freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:3.10.3-3.el10_0.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64"
},
"product_reference": "freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le"
},
"product_reference": "freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:3.10.3-3.el10_0.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x"
},
"product_reference": "freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:3.10.3-3.el10_0.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64"
},
"product_reference": "freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64"
},
"product_reference": "freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le"
},
"product_reference": "freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x"
},
"product_reference": "freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64"
},
"product_reference": "freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-2:3.10.3-3.el10_0.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64"
},
"product_reference": "freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-2:3.10.3-3.el10_0.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le"
},
"product_reference": "freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-2:3.10.3-3.el10_0.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x"
},
"product_reference": "freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-2:3.10.3-3.el10_0.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64"
},
"product_reference": "freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64"
},
"product_reference": "freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le"
},
"product_reference": "freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x"
},
"product_reference": "freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64"
},
"product_reference": "freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:3.10.3-3.el10_0.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64"
},
"product_reference": "libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:3.10.3-3.el10_0.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le"
},
"product_reference": "libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:3.10.3-3.el10_0.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x"
},
"product_reference": "libwinpr-2:3.10.3-3.el10_0.5.s390x",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:3.10.3-3.el10_0.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64"
},
"product_reference": "libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64"
},
"product_reference": "libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le"
},
"product_reference": "libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x"
},
"product_reference": "libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64"
},
"product_reference": "libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64"
},
"product_reference": "libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le"
},
"product_reference": "libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:3.10.3-3.el10_0.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x"
},
"product_reference": "libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"product_id": "CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
},
"product_reference": "libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"relates_to_product_reference": "CRB-10.0.Z.E2S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-22852",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-01-14T18:01:37.291284+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2429654"
}
],
"notes": [
{
"category": "description",
"text": "A heap based buffer overflow has been discovered in FreeRDP. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input (AUDIN) format lists. audin_process_formats reuses callback-\u003eformats_count across multiple MSG_SNDIN_FORMATS PDUs and writes past the newly allocated formats array, causing memory corruption and a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP heap-buffer-overflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22852"
},
{
"category": "external",
"summary": "RHBZ#2429654",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429654"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22852",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22852"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22852",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22852"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
"url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9chc-g79v-4qq4",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9chc-g79v-4qq4"
}
],
"release_date": "2026-01-14T17:45:22.253000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T07:47:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6743"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP heap-buffer-overflow"
},
{
"cve": "CVE-2026-22854",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2026-01-14T18:01:27.671391+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2429652"
}
],
"notes": [
{
"category": "description",
"text": "A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP heap-buffer-overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat products in their default configuration employ Address Space Layout Randomization (ASLR) which drastically increases the complexity of the successful exploitation of this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22854"
},
{
"category": "external",
"summary": "RHBZ#2429652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429652"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22854",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22854"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22854",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22854"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
"url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-47vj-g3c3-3rmf",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-47vj-g3c3-3rmf"
}
],
"release_date": "2026-01-14T17:47:49.588000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T07:47:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6743"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP heap-buffer-overflow"
},
{
"cve": "CVE-2026-22856",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2026-01-14T18:01:14.358085+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2429650"
}
],
"notes": [
{
"category": "description",
"text": "A heap use after free flaw has been discovered in FreeRDP. A race in the serial channel IRP thread tracking allows a heap use\u2011after\u2011free when one thread removes an entry from serial-\u003eIrpThreads while another reads it.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP heap-use-after-free",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22856"
},
{
"category": "external",
"summary": "RHBZ#2429650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429650"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22856",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22856"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22856",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22856"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
"url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-w842-c386-fxhv",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-w842-c386-fxhv"
}
],
"release_date": "2026-01-14T17:53:04.756000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T07:47:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6743"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP heap-use-after-free"
},
{
"cve": "CVE-2026-23732",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2026-01-19T18:01:18.943425+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430881"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FreeRDP. A malicious server can exploit a vulnerability in FastGlyph parsing, which improperly trusts data length without sufficient validation. This can lead to a client-side global buffer overflow, resulting in a denial of service (DoS) due to a crash. For this vulnerability to be exploited, a client must connect to a maliciously-configured server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For this vulnerability to be exploited, a client must connect to a maliciously-configured server. Red Hat recommends that FreeRDP clients are only used to connect to trusted servers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23732"
},
{
"category": "external",
"summary": "RHBZ#2430881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430881"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23732",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23732"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23732",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23732"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/cache/glyph.c#L463-L480",
"url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/cache/glyph.c#L463-L480"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/codec/color.c#L261-L277",
"url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/codec/color.c#L261-L277"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/graphics.c#L138",
"url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/graphics.c#L138"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/orders.c#L2186C17-L2199",
"url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/orders.c#L2186C17-L2199"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0",
"url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7qxp-j2fj-c3pp",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7qxp-j2fj-c3pp"
}
],
"release_date": "2026-01-19T17:12:57.772000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T07:47:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6743"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow"
},
{
"cve": "CVE-2026-23948",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-02-09T20:01:35.778373+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438207"
}
],
"notes": [
{
"category": "description",
"text": "A null pointer dereference has been discovered in FreeRDP. A NULL pointer dereference vulnerability in rdp_write_logon_info_v2() allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23948"
},
{
"category": "external",
"summary": "RHBZ#2438207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23948",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23948"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23948",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23948"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/4d44e3c097656a8b9ec696353647b0888ca45860",
"url": "https://github.com/FreeRDP/FreeRDP/commit/4d44e3c097656a8b9ec696353647b0888ca45860"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6f3c-qvqq-2px5",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6f3c-qvqq-2px5"
}
],
"release_date": "2026-02-09T18:12:00.737000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T07:47:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6743"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()"
},
{
"cve": "CVE-2026-24491",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:01:21.676057+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438202"
}
],
"notes": [
{
"category": "description",
"text": "A use after free flaw has been discovered in FreeRDP. The video_timer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. A malicious server can trigger a client\u2011side heap use after free causing a crash (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a heap-use-after-free in video_timer",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24491"
},
{
"category": "external",
"summary": "RHBZ#2438202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438202"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24491",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24491"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24491",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24491"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/e02e052f6692550e539d10f99de9c35a23492db2",
"url": "https://github.com/FreeRDP/FreeRDP/commit/e02e052f6692550e539d10f99de9c35a23492db2"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4x6j-w49r-869g",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4x6j-w49r-869g"
}
],
"release_date": "2026-02-09T18:13:44.302000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T07:47:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6743"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a heap-use-after-free in video_timer"
},
{
"cve": "CVE-2026-24675",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:02:21.865304+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438221"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer use after free has been discovered in FreeRDP. urb_select_interface can free the device\u0027s MS config on error but later code still dereferences it, leading to a use after free in libusb_udev_select_interface.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24675"
},
{
"category": "external",
"summary": "RHBZ#2438221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438221"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24675"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24675",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24675"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/d676518809c319eec15911c705c13536036af2ae",
"url": "https://github.com/FreeRDP/FreeRDP/commit/d676518809c319eec15911c705c13536036af2ae"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x9jr-99h2-g7mj",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x9jr-99h2-g7mj"
}
],
"release_date": "2026-02-09T18:14:40.667000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T07:47:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6743"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface"
},
{
"cve": "CVE-2026-24676",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:01:18.996877+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438201"
}
],
"notes": [
{
"category": "description",
"text": "A use after free flaw was found in FreeRDP. AUDIN format renegotiation frees the active format list while the capture thread continues using audin-\u003eformat, leading to a use after free in audio_format_compatible. A malicious server can trigger a client\u2011side heap use after free causing a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24676"
},
{
"category": "external",
"summary": "RHBZ#2438201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438201"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24676",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24676"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/026b81ae5831ac1598d8f7371e0d0996fac7db00",
"url": "https://github.com/FreeRDP/FreeRDP/commit/026b81ae5831ac1598d8f7371e0d0996fac7db00"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qh5p-frq4-pgxj",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qh5p-frq4-pgxj"
}
],
"release_date": "2026-02-09T18:15:33.646000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T07:47:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6743"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation"
},
{
"cve": "CVE-2026-24679",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"discovery_date": "2026-02-09T20:02:08.618280+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438217"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer overflow has been discovered in FreeRDP. The URBDRC client uses server-supplied interface numbers as array indices without bounds checks, causing an out-of-bounds read in libusb_udev_select_interface.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24679"
},
{
"category": "external",
"summary": "RHBZ#2438217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438217"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24679"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/2d563a50be17c1b407ca448b1321378c0726dd31",
"url": "https://github.com/FreeRDP/FreeRDP/commit/2d563a50be17c1b407ca448b1321378c0726dd31"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-2jp4-67x6-gv7x",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-2jp4-67x6-gv7x"
}
],
"release_date": "2026-02-09T18:19:00.409000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T07:47:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6743"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface"
},
{
"cve": "CVE-2026-24681",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:01:45.088999+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438210"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer use after free has been discovered in FreeRDP. Asynchronous bulk transfer completions can use a freed channel callback after URBDRC channel close, leading to a use after free in urb_write_completion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24681"
},
{
"category": "external",
"summary": "RHBZ#2438210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438210"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24681",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24681"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24681",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24681"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/414f701464929c217f2509bcbd6d2c1f00f7ed73",
"url": "https://github.com/FreeRDP/FreeRDP/commit/414f701464929c217f2509bcbd6d2c1f00f7ed73"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-ccvv-hg2w-6x9j",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-ccvv-hg2w-6x9j"
}
],
"release_date": "2026-02-09T18:20:39.732000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T07:47:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6743"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb"
},
{
"cve": "CVE-2026-24682",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-02-09T20:01:54.069961+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438212"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer overflow has been discovered in FreeRDP. audin_server_recv_formats frees an incorrect number of audio formats on parse failure (i + i), leading to out-of-bounds access in audio_formats_free.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a Heap-buffer-overflow in audio_formats_free",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24682"
},
{
"category": "external",
"summary": "RHBZ#2438212",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438212"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24682",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24682"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24682",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24682"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/1c5c74223179d425a1ce6dbbb6a3dd2a958b7aee",
"url": "https://github.com/FreeRDP/FreeRDP/commit/1c5c74223179d425a1ce6dbbb6a3dd2a958b7aee"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vcw2-pqgw-mx6g",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vcw2-pqgw-mx6g"
}
],
"release_date": "2026-02-09T18:21:39.733000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T07:47:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6743"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a Heap-buffer-overflow in audio_formats_free"
},
{
"cve": "CVE-2026-24683",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:02:05.563918+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438216"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer use after free has been discovered in FreeRDP. ainput_send_input_event caches channel_callback in a local variable and later uses it without synchronization; a concurrent channel close can free or reinitialize the callback, leading to a use after free.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24683"
},
{
"category": "external",
"summary": "RHBZ#2438216",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438216"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24683",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24683"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24683",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24683"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/d9ca272dce7a776ab475e9b1a8e8c3d2968c8486",
"url": "https://github.com/FreeRDP/FreeRDP/commit/d9ca272dce7a776ab475e9b1a8e8c3d2968c8486"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-45pf-68pj-fg8q",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-45pf-68pj-fg8q"
}
],
"release_date": "2026-02-09T18:22:17.636000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T07:47:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6743"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event"
},
{
"cve": "CVE-2026-24684",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-02-09T20:01:39.156545+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438208"
}
],
"notes": [
{
"category": "description",
"text": "A heap use after free has been discovered in FreeRDP. The RDPSND async playback thread can process queued PDUs after the channel is closed and internal state is freed, leading to a use after free in rdpsnd_treat_wave.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a Heap-use-after-free in play_thread",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24684"
},
{
"category": "external",
"summary": "RHBZ#2438208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438208"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24684",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24684"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24684",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24684"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/622bb7b4402491ca003f47472d0e478132673696",
"url": "https://github.com/FreeRDP/FreeRDP/commit/622bb7b4402491ca003f47472d0e478132673696"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/afa6851dc80835d3101e40fcef51b6c5c0f43ea5",
"url": "https://github.com/FreeRDP/FreeRDP/commit/afa6851dc80835d3101e40fcef51b6c5c0f43ea5"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vcgv-xgjp-h83q",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vcgv-xgjp-h83q"
}
],
"release_date": "2026-02-09T18:23:02.882000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T07:47:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6743"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a Heap-use-after-free in play_thread"
},
{
"cve": "CVE-2026-31806",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-03-13T18:02:52.800795+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447376"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol (RDP). The `gdi_surface_bits()` function, which processes `SURFACE_BITS_COMMAND` messages, does not properly validate image dimensions (`bmp.width` and `bmp.height`) provided by a malicious RDP server. This can lead to a heap buffer overflow during bitmap decoding and memory operations. A remote attacker could exploit this to overwrite adjacent memory, potentially resulting in arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For this vulnerability to be exploited, a susceptible system must connect to a malicious server. For that reason, Red Hat recommends that you only use FreeRDP to connect to trusted servers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-31806"
},
{
"category": "external",
"summary": "RHBZ#2447376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-31806",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31806"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-31806",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31806"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/83d9aedea278a74af3e490ff5eeb889c016dbb2b",
"url": "https://github.com/FreeRDP/FreeRDP/commit/83d9aedea278a74af3e490ff5eeb889c016dbb2b"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrqm-46rj-cmx2",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrqm-46rj-cmx2"
}
],
"release_date": "2026-03-13T17:40:19.920000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T07:47:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6743"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"AppStream-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"AppStream-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.src",
"CRB-10.0.Z.E2S:freerdp-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-debugsource-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-devel-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-libs-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:freerdp-server-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-debuginfo-2:3.10.3-3.el10_0.5.x86_64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.aarch64",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.ppc64le",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.s390x",
"CRB-10.0.Z.E2S:libwinpr-devel-2:3.10.3-3.el10_0.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages"
}
]
}
RHSA-2026:6918
Vulnerability from csaf_redhat - Published: 2026-04-07 23:16 - Updated: 2026-04-08 13:34Summary
Red Hat Security Advisory: freerdp security update
Severity
Important
Notes
Topic: An update for freerdp is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.
Security Fix(es):
* freerdp: FreeRDP heap-use-after-free (CVE-2026-22856)
* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22854)
* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22852)
* freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow (CVE-2026-23732)
* freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation (CVE-2026-24676)
* freerdp: FreeRDP has a heap-use-after-free in video_timer (CVE-2026-24491)
* freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2() (CVE-2026-23948)
* freerdp: FreeRDP has a Heap-use-after-free in play_thread (CVE-2026-24684)
* freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb (CVE-2026-24681)
* freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event (CVE-2026-24683)
* freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface (CVE-2026-24679)
* freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface (CVE-2026-24675)
* freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages (CVE-2026-31806)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A heap based buffer overflow has been discovered in FreeRDP. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input (AUDIN) format lists. audin_process_formats reuses callback->formats_count across multiple MSG_SNDIN_FORMATS PDUs and writes past the newly allocated formats array, causing memory corruption and a crash.
5.6 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6918
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory.
8.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6918
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap use after free flaw has been discovered in FreeRDP. A race in the serial channel IRP thread tracking allows a heap use‑after‑free when one thread removes an entry from serial->IrpThreads while another reads it.
8.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6918
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in FreeRDP. A malicious server can exploit a vulnerability in FastGlyph parsing, which improperly trusts data length without sufficient validation. This can lead to a client-side global buffer overflow, resulting in a denial of service (DoS) due to a crash. For this vulnerability to be exploited, a client must connect to a maliciously-configured server.
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6918
A null pointer dereference has been discovered in FreeRDP. A NULL pointer dereference vulnerability in rdp_write_logon_info_v2() allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6918
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A use after free flaw has been discovered in FreeRDP. The video_timer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. A malicious server can trigger a client‑side heap use after free causing a crash (DoS).
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6918
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap buffer use after free has been discovered in FreeRDP. urb_select_interface can free the device's MS config on error but later code still dereferences it, leading to a use after free in libusb_udev_select_interface.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6918
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A use after free flaw was found in FreeRDP. AUDIN format renegotiation frees the active format list while the capture thread continues using audin->format, leading to a use after free in audio_format_compatible. A malicious server can trigger a client‑side heap use after free causing a crash.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6918
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap buffer overflow has been discovered in FreeRDP. The URBDRC client uses server-supplied interface numbers as array indices without bounds checks, causing an out-of-bounds read in libusb_udev_select_interface.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6918
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap buffer use after free has been discovered in FreeRDP. Asynchronous bulk transfer completions can use a freed channel callback after URBDRC channel close, leading to a use after free in urb_write_completion.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6918
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap buffer use after free has been discovered in FreeRDP. ainput_send_input_event caches channel_callback in a local variable and later uses it without synchronization; a concurrent channel close can free or reinitialize the callback, leading to a use after free.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6918
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap use after free has been discovered in FreeRDP. The RDPSND async playback thread can process queued PDUs after the channel is closed and internal state is freed, leading to a use after free in rdpsnd_treat_wave.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6918
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol (RDP). The `gdi_surface_bits()` function, which processes `SURFACE_BITS_COMMAND` messages, does not properly validate image dimensions (`bmp.width` and `bmp.height`) provided by a malicious RDP server. This can lead to a heap buffer overflow during bitmap decoding and memory operations. A remote attacker could exploit this to overwrite adjacent memory, potentially resulting in arbitrary code execution.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6918
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for freerdp is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.\n\nSecurity Fix(es):\n\n* freerdp: FreeRDP heap-use-after-free (CVE-2026-22856)\n\n* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22854)\n\n* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22852)\n\n* freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow (CVE-2026-23732)\n\n* freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation (CVE-2026-24676)\n\n* freerdp: FreeRDP has a heap-use-after-free in video_timer (CVE-2026-24491)\n\n* freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2() (CVE-2026-23948)\n\n* freerdp: FreeRDP has a Heap-use-after-free in play_thread (CVE-2026-24684)\n\n* freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb (CVE-2026-24681)\n\n* freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event (CVE-2026-24683)\n\n* freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface (CVE-2026-24679)\n\n* freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface (CVE-2026-24675)\n\n* freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages (CVE-2026-31806)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:6918",
"url": "https://access.redhat.com/errata/RHSA-2026:6918"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2429650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429650"
},
{
"category": "external",
"summary": "2429652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429652"
},
{
"category": "external",
"summary": "2429654",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429654"
},
{
"category": "external",
"summary": "2430881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430881"
},
{
"category": "external",
"summary": "2438201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438201"
},
{
"category": "external",
"summary": "2438202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438202"
},
{
"category": "external",
"summary": "2438207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438207"
},
{
"category": "external",
"summary": "2438208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438208"
},
{
"category": "external",
"summary": "2438210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438210"
},
{
"category": "external",
"summary": "2438216",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438216"
},
{
"category": "external",
"summary": "2438217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438217"
},
{
"category": "external",
"summary": "2438221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438221"
},
{
"category": "external",
"summary": "2447376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447376"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_6918.json"
}
],
"title": "Red Hat Security Advisory: freerdp security update",
"tracking": {
"current_release_date": "2026-04-08T13:34:39+00:00",
"generator": {
"date": "2026-04-08T13:34:39+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2026:6918",
"initial_release_date": "2026-04-07T23:16:15+00:00",
"revision_history": [
{
"date": "2026-04-07T23:16:15+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-07T23:16:15+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-08T13:34:39+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux CRB (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::crb"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.11.7-6.el8_10.src",
"product": {
"name": "freerdp-2:2.11.7-6.el8_10.src",
"product_id": "freerdp-2:2.11.7-6.el8_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.11.7-6.el8_10?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.11.7-6.el8_10.s390x",
"product": {
"name": "freerdp-2:2.11.7-6.el8_10.s390x",
"product_id": "freerdp-2:2.11.7-6.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.11.7-6.el8_10?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:2.11.7-6.el8_10.s390x",
"product": {
"name": "freerdp-libs-2:2.11.7-6.el8_10.s390x",
"product_id": "freerdp-libs-2:2.11.7-6.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.11.7-6.el8_10?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.11.7-6.el8_10.s390x",
"product": {
"name": "libwinpr-2:2.11.7-6.el8_10.s390x",
"product_id": "libwinpr-2:2.11.7-6.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.11.7-6.el8_10?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"product": {
"name": "libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"product_id": "libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.11.7-6.el8_10?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"product": {
"name": "freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"product_id": "freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.11.7-6.el8_10?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"product": {
"name": "freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"product_id": "freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-6.el8_10?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"product": {
"name": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"product_id": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-6.el8_10?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"product": {
"name": "libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"product_id": "libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-6.el8_10?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:2.11.7-6.el8_10.s390x",
"product": {
"name": "freerdp-devel-2:2.11.7-6.el8_10.s390x",
"product_id": "freerdp-devel-2:2.11.7-6.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.11.7-6.el8_10?arch=s390x\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.11.7-6.el8_10.aarch64",
"product": {
"name": "freerdp-2:2.11.7-6.el8_10.aarch64",
"product_id": "freerdp-2:2.11.7-6.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.11.7-6.el8_10?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"product": {
"name": "freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"product_id": "freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.11.7-6.el8_10?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.11.7-6.el8_10.aarch64",
"product": {
"name": "libwinpr-2:2.11.7-6.el8_10.aarch64",
"product_id": "libwinpr-2:2.11.7-6.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.11.7-6.el8_10?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"product": {
"name": "libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"product_id": "libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.11.7-6.el8_10?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"product": {
"name": "freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"product_id": "freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.11.7-6.el8_10?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"product": {
"name": "freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"product_id": "freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-6.el8_10?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"product": {
"name": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"product_id": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-6.el8_10?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"product": {
"name": "libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"product_id": "libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-6.el8_10?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"product": {
"name": "freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"product_id": "freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.11.7-6.el8_10?arch=aarch64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.11.7-6.el8_10.ppc64le",
"product": {
"name": "freerdp-2:2.11.7-6.el8_10.ppc64le",
"product_id": "freerdp-2:2.11.7-6.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.11.7-6.el8_10?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"product": {
"name": "freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"product_id": "freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.11.7-6.el8_10?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.11.7-6.el8_10.ppc64le",
"product": {
"name": "libwinpr-2:2.11.7-6.el8_10.ppc64le",
"product_id": "libwinpr-2:2.11.7-6.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.11.7-6.el8_10?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"product": {
"name": "libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"product_id": "libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.11.7-6.el8_10?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"product": {
"name": "freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"product_id": "freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.11.7-6.el8_10?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"product": {
"name": "freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"product_id": "freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-6.el8_10?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"product": {
"name": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"product_id": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-6.el8_10?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"product": {
"name": "libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"product_id": "libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-6.el8_10?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"product": {
"name": "freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"product_id": "freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.11.7-6.el8_10?arch=ppc64le\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.11.7-6.el8_10.x86_64",
"product": {
"name": "freerdp-2:2.11.7-6.el8_10.x86_64",
"product_id": "freerdp-2:2.11.7-6.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.11.7-6.el8_10?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"product": {
"name": "freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"product_id": "freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.11.7-6.el8_10?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.11.7-6.el8_10.x86_64",
"product": {
"name": "libwinpr-2:2.11.7-6.el8_10.x86_64",
"product_id": "libwinpr-2:2.11.7-6.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.11.7-6.el8_10?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"product": {
"name": "libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"product_id": "libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.11.7-6.el8_10?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"product": {
"name": "freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"product_id": "freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.11.7-6.el8_10?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"product": {
"name": "freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"product_id": "freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-6.el8_10?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"product": {
"name": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"product_id": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-6.el8_10?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"product": {
"name": "libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"product_id": "libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-6.el8_10?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"product": {
"name": "freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"product_id": "freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.11.7-6.el8_10?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-libs-2:2.11.7-6.el8_10.i686",
"product": {
"name": "freerdp-libs-2:2.11.7-6.el8_10.i686",
"product_id": "freerdp-libs-2:2.11.7-6.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.11.7-6.el8_10?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.11.7-6.el8_10.i686",
"product": {
"name": "libwinpr-2:2.11.7-6.el8_10.i686",
"product_id": "libwinpr-2:2.11.7-6.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.11.7-6.el8_10?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.11.7-6.el8_10.i686",
"product": {
"name": "libwinpr-devel-2:2.11.7-6.el8_10.i686",
"product_id": "libwinpr-devel-2:2.11.7-6.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.11.7-6.el8_10?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"product": {
"name": "freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"product_id": "freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.11.7-6.el8_10?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"product": {
"name": "freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"product_id": "freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-6.el8_10?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"product": {
"name": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"product_id": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-6.el8_10?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"product": {
"name": "libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"product_id": "libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-6.el8_10?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:2.11.7-6.el8_10.i686",
"product": {
"name": "freerdp-devel-2:2.11.7-6.el8_10.i686",
"product_id": "freerdp-devel-2:2.11.7-6.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.11.7-6.el8_10?arch=i686\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "i686"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-6.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64"
},
"product_reference": "freerdp-2:2.11.7-6.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-6.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le"
},
"product_reference": "freerdp-2:2.11.7-6.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-6.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x"
},
"product_reference": "freerdp-2:2.11.7-6.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-6.el8_10.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src"
},
"product_reference": "freerdp-2:2.11.7-6.el8_10.src",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-6.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64"
},
"product_reference": "freerdp-2:2.11.7-6.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-6.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-6.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-6.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64"
},
"product_reference": "freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-6.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686"
},
"product_reference": "freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le"
},
"product_reference": "freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-6.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x"
},
"product_reference": "freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-6.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64"
},
"product_reference": "freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-6.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64"
},
"product_reference": "freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-6.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686"
},
"product_reference": "freerdp-devel-2:2.11.7-6.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-6.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le"
},
"product_reference": "freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-6.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x"
},
"product_reference": "freerdp-devel-2:2.11.7-6.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-6.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64"
},
"product_reference": "freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-6.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64"
},
"product_reference": "freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-6.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686"
},
"product_reference": "freerdp-libs-2:2.11.7-6.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-6.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le"
},
"product_reference": "freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-6.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x"
},
"product_reference": "freerdp-libs-2:2.11.7-6.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-6.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64"
},
"product_reference": "freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-6.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64"
},
"product_reference": "libwinpr-2:2.11.7-6.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-6.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686"
},
"product_reference": "libwinpr-2:2.11.7-6.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-6.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le"
},
"product_reference": "libwinpr-2:2.11.7-6.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-6.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x"
},
"product_reference": "libwinpr-2:2.11.7-6.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-6.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64"
},
"product_reference": "libwinpr-2:2.11.7-6.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-6.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-6.el8_10.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64"
},
"product_reference": "libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-6.el8_10.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686"
},
"product_reference": "libwinpr-devel-2:2.11.7-6.el8_10.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-6.el8_10.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le"
},
"product_reference": "libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-6.el8_10.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x"
},
"product_reference": "libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-6.el8_10.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
},
"product_reference": "libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-6.el8_10.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64"
},
"product_reference": "freerdp-2:2.11.7-6.el8_10.aarch64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-6.el8_10.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le"
},
"product_reference": "freerdp-2:2.11.7-6.el8_10.ppc64le",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-6.el8_10.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x"
},
"product_reference": "freerdp-2:2.11.7-6.el8_10.s390x",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-6.el8_10.src as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src"
},
"product_reference": "freerdp-2:2.11.7-6.el8_10.src",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-6.el8_10.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64"
},
"product_reference": "freerdp-2:2.11.7-6.el8_10.x86_64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-6.el8_10.i686 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-6.el8_10.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-6.el8_10.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64"
},
"product_reference": "freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-6.el8_10.i686 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686"
},
"product_reference": "freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le"
},
"product_reference": "freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-6.el8_10.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x"
},
"product_reference": "freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-6.el8_10.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64"
},
"product_reference": "freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-6.el8_10.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64"
},
"product_reference": "freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-6.el8_10.i686 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686"
},
"product_reference": "freerdp-devel-2:2.11.7-6.el8_10.i686",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-6.el8_10.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le"
},
"product_reference": "freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-6.el8_10.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x"
},
"product_reference": "freerdp-devel-2:2.11.7-6.el8_10.s390x",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-6.el8_10.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64"
},
"product_reference": "freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-6.el8_10.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64"
},
"product_reference": "freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-6.el8_10.i686 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686"
},
"product_reference": "freerdp-libs-2:2.11.7-6.el8_10.i686",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-6.el8_10.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le"
},
"product_reference": "freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-6.el8_10.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x"
},
"product_reference": "freerdp-libs-2:2.11.7-6.el8_10.s390x",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-6.el8_10.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64"
},
"product_reference": "freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-6.el8_10.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64"
},
"product_reference": "libwinpr-2:2.11.7-6.el8_10.aarch64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-6.el8_10.i686 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686"
},
"product_reference": "libwinpr-2:2.11.7-6.el8_10.i686",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-6.el8_10.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le"
},
"product_reference": "libwinpr-2:2.11.7-6.el8_10.ppc64le",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-6.el8_10.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x"
},
"product_reference": "libwinpr-2:2.11.7-6.el8_10.s390x",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-6.el8_10.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64"
},
"product_reference": "libwinpr-2:2.11.7-6.el8_10.x86_64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-6.el8_10.i686 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-6.el8_10.aarch64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64"
},
"product_reference": "libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-6.el8_10.i686 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686"
},
"product_reference": "libwinpr-devel-2:2.11.7-6.el8_10.i686",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-6.el8_10.ppc64le as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le"
},
"product_reference": "libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-6.el8_10.s390x as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x"
},
"product_reference": "libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-6.el8_10.x86_64 as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
},
"product_reference": "libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-22852",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-01-14T18:01:37.291284+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2429654"
}
],
"notes": [
{
"category": "description",
"text": "A heap based buffer overflow has been discovered in FreeRDP. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input (AUDIN) format lists. audin_process_formats reuses callback-\u003eformats_count across multiple MSG_SNDIN_FORMATS PDUs and writes past the newly allocated formats array, causing memory corruption and a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP heap-buffer-overflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22852"
},
{
"category": "external",
"summary": "RHBZ#2429654",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429654"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22852",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22852"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22852",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22852"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
"url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9chc-g79v-4qq4",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9chc-g79v-4qq4"
}
],
"release_date": "2026-01-14T17:45:22.253000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T23:16:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6918"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP heap-buffer-overflow"
},
{
"cve": "CVE-2026-22854",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2026-01-14T18:01:27.671391+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2429652"
}
],
"notes": [
{
"category": "description",
"text": "A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP heap-buffer-overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat products in their default configuration employ Address Space Layout Randomization (ASLR) which drastically increases the complexity of the successful exploitation of this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22854"
},
{
"category": "external",
"summary": "RHBZ#2429652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429652"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22854",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22854"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22854",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22854"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
"url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-47vj-g3c3-3rmf",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-47vj-g3c3-3rmf"
}
],
"release_date": "2026-01-14T17:47:49.588000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T23:16:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6918"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP heap-buffer-overflow"
},
{
"cve": "CVE-2026-22856",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2026-01-14T18:01:14.358085+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2429650"
}
],
"notes": [
{
"category": "description",
"text": "A heap use after free flaw has been discovered in FreeRDP. A race in the serial channel IRP thread tracking allows a heap use\u2011after\u2011free when one thread removes an entry from serial-\u003eIrpThreads while another reads it.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP heap-use-after-free",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22856"
},
{
"category": "external",
"summary": "RHBZ#2429650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429650"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22856",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22856"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22856",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22856"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
"url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-w842-c386-fxhv",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-w842-c386-fxhv"
}
],
"release_date": "2026-01-14T17:53:04.756000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T23:16:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6918"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP heap-use-after-free"
},
{
"cve": "CVE-2026-23732",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2026-01-19T18:01:18.943425+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430881"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FreeRDP. A malicious server can exploit a vulnerability in FastGlyph parsing, which improperly trusts data length without sufficient validation. This can lead to a client-side global buffer overflow, resulting in a denial of service (DoS) due to a crash. For this vulnerability to be exploited, a client must connect to a maliciously-configured server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For this vulnerability to be exploited, a client must connect to a maliciously-configured server. Red Hat recommends that FreeRDP clients are only used to connect to trusted servers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23732"
},
{
"category": "external",
"summary": "RHBZ#2430881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430881"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23732",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23732"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23732",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23732"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/cache/glyph.c#L463-L480",
"url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/cache/glyph.c#L463-L480"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/codec/color.c#L261-L277",
"url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/codec/color.c#L261-L277"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/graphics.c#L138",
"url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/graphics.c#L138"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/orders.c#L2186C17-L2199",
"url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/orders.c#L2186C17-L2199"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0",
"url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7qxp-j2fj-c3pp",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7qxp-j2fj-c3pp"
}
],
"release_date": "2026-01-19T17:12:57.772000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T23:16:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6918"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow"
},
{
"cve": "CVE-2026-23948",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-02-09T20:01:35.778373+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438207"
}
],
"notes": [
{
"category": "description",
"text": "A null pointer dereference has been discovered in FreeRDP. A NULL pointer dereference vulnerability in rdp_write_logon_info_v2() allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23948"
},
{
"category": "external",
"summary": "RHBZ#2438207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23948",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23948"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23948",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23948"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/4d44e3c097656a8b9ec696353647b0888ca45860",
"url": "https://github.com/FreeRDP/FreeRDP/commit/4d44e3c097656a8b9ec696353647b0888ca45860"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6f3c-qvqq-2px5",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6f3c-qvqq-2px5"
}
],
"release_date": "2026-02-09T18:12:00.737000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T23:16:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6918"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()"
},
{
"cve": "CVE-2026-24491",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:01:21.676057+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438202"
}
],
"notes": [
{
"category": "description",
"text": "A use after free flaw has been discovered in FreeRDP. The video_timer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. A malicious server can trigger a client\u2011side heap use after free causing a crash (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a heap-use-after-free in video_timer",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24491"
},
{
"category": "external",
"summary": "RHBZ#2438202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438202"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24491",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24491"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24491",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24491"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/e02e052f6692550e539d10f99de9c35a23492db2",
"url": "https://github.com/FreeRDP/FreeRDP/commit/e02e052f6692550e539d10f99de9c35a23492db2"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4x6j-w49r-869g",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4x6j-w49r-869g"
}
],
"release_date": "2026-02-09T18:13:44.302000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T23:16:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6918"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a heap-use-after-free in video_timer"
},
{
"cve": "CVE-2026-24675",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:02:21.865304+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438221"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer use after free has been discovered in FreeRDP. urb_select_interface can free the device\u0027s MS config on error but later code still dereferences it, leading to a use after free in libusb_udev_select_interface.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24675"
},
{
"category": "external",
"summary": "RHBZ#2438221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438221"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24675"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24675",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24675"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/d676518809c319eec15911c705c13536036af2ae",
"url": "https://github.com/FreeRDP/FreeRDP/commit/d676518809c319eec15911c705c13536036af2ae"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x9jr-99h2-g7mj",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x9jr-99h2-g7mj"
}
],
"release_date": "2026-02-09T18:14:40.667000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T23:16:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6918"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface"
},
{
"cve": "CVE-2026-24676",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:01:18.996877+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438201"
}
],
"notes": [
{
"category": "description",
"text": "A use after free flaw was found in FreeRDP. AUDIN format renegotiation frees the active format list while the capture thread continues using audin-\u003eformat, leading to a use after free in audio_format_compatible. A malicious server can trigger a client\u2011side heap use after free causing a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24676"
},
{
"category": "external",
"summary": "RHBZ#2438201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438201"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24676",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24676"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/026b81ae5831ac1598d8f7371e0d0996fac7db00",
"url": "https://github.com/FreeRDP/FreeRDP/commit/026b81ae5831ac1598d8f7371e0d0996fac7db00"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qh5p-frq4-pgxj",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qh5p-frq4-pgxj"
}
],
"release_date": "2026-02-09T18:15:33.646000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T23:16:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6918"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation"
},
{
"cve": "CVE-2026-24679",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"discovery_date": "2026-02-09T20:02:08.618280+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438217"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer overflow has been discovered in FreeRDP. The URBDRC client uses server-supplied interface numbers as array indices without bounds checks, causing an out-of-bounds read in libusb_udev_select_interface.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24679"
},
{
"category": "external",
"summary": "RHBZ#2438217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438217"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24679"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/2d563a50be17c1b407ca448b1321378c0726dd31",
"url": "https://github.com/FreeRDP/FreeRDP/commit/2d563a50be17c1b407ca448b1321378c0726dd31"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-2jp4-67x6-gv7x",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-2jp4-67x6-gv7x"
}
],
"release_date": "2026-02-09T18:19:00.409000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T23:16:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6918"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface"
},
{
"cve": "CVE-2026-24681",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:01:45.088999+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438210"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer use after free has been discovered in FreeRDP. Asynchronous bulk transfer completions can use a freed channel callback after URBDRC channel close, leading to a use after free in urb_write_completion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24681"
},
{
"category": "external",
"summary": "RHBZ#2438210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438210"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24681",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24681"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24681",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24681"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/414f701464929c217f2509bcbd6d2c1f00f7ed73",
"url": "https://github.com/FreeRDP/FreeRDP/commit/414f701464929c217f2509bcbd6d2c1f00f7ed73"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-ccvv-hg2w-6x9j",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-ccvv-hg2w-6x9j"
}
],
"release_date": "2026-02-09T18:20:39.732000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T23:16:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6918"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb"
},
{
"cve": "CVE-2026-24683",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:02:05.563918+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438216"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer use after free has been discovered in FreeRDP. ainput_send_input_event caches channel_callback in a local variable and later uses it without synchronization; a concurrent channel close can free or reinitialize the callback, leading to a use after free.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24683"
},
{
"category": "external",
"summary": "RHBZ#2438216",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438216"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24683",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24683"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24683",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24683"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/d9ca272dce7a776ab475e9b1a8e8c3d2968c8486",
"url": "https://github.com/FreeRDP/FreeRDP/commit/d9ca272dce7a776ab475e9b1a8e8c3d2968c8486"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-45pf-68pj-fg8q",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-45pf-68pj-fg8q"
}
],
"release_date": "2026-02-09T18:22:17.636000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T23:16:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6918"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event"
},
{
"cve": "CVE-2026-24684",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-02-09T20:01:39.156545+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438208"
}
],
"notes": [
{
"category": "description",
"text": "A heap use after free has been discovered in FreeRDP. The RDPSND async playback thread can process queued PDUs after the channel is closed and internal state is freed, leading to a use after free in rdpsnd_treat_wave.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a Heap-use-after-free in play_thread",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24684"
},
{
"category": "external",
"summary": "RHBZ#2438208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438208"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24684",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24684"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24684",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24684"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/622bb7b4402491ca003f47472d0e478132673696",
"url": "https://github.com/FreeRDP/FreeRDP/commit/622bb7b4402491ca003f47472d0e478132673696"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/afa6851dc80835d3101e40fcef51b6c5c0f43ea5",
"url": "https://github.com/FreeRDP/FreeRDP/commit/afa6851dc80835d3101e40fcef51b6c5c0f43ea5"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vcgv-xgjp-h83q",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vcgv-xgjp-h83q"
}
],
"release_date": "2026-02-09T18:23:02.882000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T23:16:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6918"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a Heap-use-after-free in play_thread"
},
{
"cve": "CVE-2026-31806",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-03-13T18:02:52.800795+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447376"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol (RDP). The `gdi_surface_bits()` function, which processes `SURFACE_BITS_COMMAND` messages, does not properly validate image dimensions (`bmp.width` and `bmp.height`) provided by a malicious RDP server. This can lead to a heap buffer overflow during bitmap decoding and memory operations. A remote attacker could exploit this to overwrite adjacent memory, potentially resulting in arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For this vulnerability to be exploited, a susceptible system must connect to a malicious server. For that reason, Red Hat recommends that you only use FreeRDP to connect to trusted servers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-31806"
},
{
"category": "external",
"summary": "RHBZ#2447376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-31806",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31806"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-31806",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31806"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/83d9aedea278a74af3e490ff5eeb889c016dbb2b",
"url": "https://github.com/FreeRDP/FreeRDP/commit/83d9aedea278a74af3e490ff5eeb889c016dbb2b"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrqm-46rj-cmx2",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrqm-46rj-cmx2"
}
],
"release_date": "2026-03-13T17:40:19.920000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T23:16:15+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6918"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-debugsource-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-devel-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:freerdp-libs-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-debuginfo-2:2.11.7-6.el8_10.x86_64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.aarch64",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.i686",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.ppc64le",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.s390x",
"CRB-8.10.0.Z.MAIN.EUS:libwinpr-devel-2:2.11.7-6.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages"
}
]
}
RHSA-2026:6727
Vulnerability from csaf_redhat - Published: 2026-04-07 06:25 - Updated: 2026-04-08 13:34Summary
Red Hat Security Advisory: freerdp security update
Severity
Important
Notes
Topic: An update for freerdp is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.
Security Fix(es):
* freerdp: FreeRDP heap-use-after-free (CVE-2026-22856)
* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22854)
* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22852)
* freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow (CVE-2026-23732)
* freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation (CVE-2026-24676)
* freerdp: FreeRDP has a heap-use-after-free in video_timer (CVE-2026-24491)
* freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2() (CVE-2026-23948)
* freerdp: FreeRDP has a Heap-use-after-free in play_thread (CVE-2026-24684)
* freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb (CVE-2026-24681)
* freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event (CVE-2026-24683)
* freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface (CVE-2026-24679)
* freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface (CVE-2026-24675)
* freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages (CVE-2026-31806)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A heap based buffer overflow has been discovered in FreeRDP. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input (AUDIN) format lists. audin_process_formats reuses callback->formats_count across multiple MSG_SNDIN_FORMATS PDUs and writes past the newly allocated formats array, causing memory corruption and a crash.
5.6 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6727
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory.
8.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6727
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap use after free flaw has been discovered in FreeRDP. A race in the serial channel IRP thread tracking allows a heap use‑after‑free when one thread removes an entry from serial->IrpThreads while another reads it.
8.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6727
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in FreeRDP. A malicious server can exploit a vulnerability in FastGlyph parsing, which improperly trusts data length without sufficient validation. This can lead to a client-side global buffer overflow, resulting in a denial of service (DoS) due to a crash. For this vulnerability to be exploited, a client must connect to a maliciously-configured server.
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6727
A null pointer dereference has been discovered in FreeRDP. A NULL pointer dereference vulnerability in rdp_write_logon_info_v2() allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6727
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A use after free flaw has been discovered in FreeRDP. The video_timer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. A malicious server can trigger a client‑side heap use after free causing a crash (DoS).
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6727
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap buffer use after free has been discovered in FreeRDP. urb_select_interface can free the device's MS config on error but later code still dereferences it, leading to a use after free in libusb_udev_select_interface.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6727
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A use after free flaw was found in FreeRDP. AUDIN format renegotiation frees the active format list while the capture thread continues using audin->format, leading to a use after free in audio_format_compatible. A malicious server can trigger a client‑side heap use after free causing a crash.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6727
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap buffer overflow has been discovered in FreeRDP. The URBDRC client uses server-supplied interface numbers as array indices without bounds checks, causing an out-of-bounds read in libusb_udev_select_interface.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6727
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap buffer use after free has been discovered in FreeRDP. Asynchronous bulk transfer completions can use a freed channel callback after URBDRC channel close, leading to a use after free in urb_write_completion.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6727
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap buffer use after free has been discovered in FreeRDP. ainput_send_input_event caches channel_callback in a local variable and later uses it without synchronization; a concurrent channel close can free or reinitialize the callback, leading to a use after free.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6727
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap use after free has been discovered in FreeRDP. The RDPSND async playback thread can process queued PDUs after the channel is closed and internal state is freed, leading to a use after free in rdpsnd_treat_wave.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6727
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol (RDP). The `gdi_surface_bits()` function, which processes `SURFACE_BITS_COMMAND` messages, does not properly validate image dimensions (`bmp.width` and `bmp.height`) provided by a malicious RDP server. This can lead to a heap buffer overflow during bitmap decoding and memory operations. A remote attacker could exploit this to overwrite adjacent memory, potentially resulting in arbitrary code execution.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6727
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for freerdp is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.\n\nSecurity Fix(es):\n\n* freerdp: FreeRDP heap-use-after-free (CVE-2026-22856)\n\n* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22854)\n\n* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22852)\n\n* freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow (CVE-2026-23732)\n\n* freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation (CVE-2026-24676)\n\n* freerdp: FreeRDP has a heap-use-after-free in video_timer (CVE-2026-24491)\n\n* freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2() (CVE-2026-23948)\n\n* freerdp: FreeRDP has a Heap-use-after-free in play_thread (CVE-2026-24684)\n\n* freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb (CVE-2026-24681)\n\n* freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event (CVE-2026-24683)\n\n* freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface (CVE-2026-24679)\n\n* freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface (CVE-2026-24675)\n\n* freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages (CVE-2026-31806)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:6727",
"url": "https://access.redhat.com/errata/RHSA-2026:6727"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2429650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429650"
},
{
"category": "external",
"summary": "2429652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429652"
},
{
"category": "external",
"summary": "2429654",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429654"
},
{
"category": "external",
"summary": "2430881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430881"
},
{
"category": "external",
"summary": "2438201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438201"
},
{
"category": "external",
"summary": "2438202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438202"
},
{
"category": "external",
"summary": "2438207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438207"
},
{
"category": "external",
"summary": "2438208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438208"
},
{
"category": "external",
"summary": "2438210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438210"
},
{
"category": "external",
"summary": "2438216",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438216"
},
{
"category": "external",
"summary": "2438217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438217"
},
{
"category": "external",
"summary": "2438221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438221"
},
{
"category": "external",
"summary": "2447376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447376"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_6727.json"
}
],
"title": "Red Hat Security Advisory: freerdp security update",
"tracking": {
"current_release_date": "2026-04-08T13:34:42+00:00",
"generator": {
"date": "2026-04-08T13:34:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2026:6727",
"initial_release_date": "2026-04-07T06:25:32+00:00",
"revision_history": [
{
"date": "2026-04-07T06:25:32+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-07T06:25:32+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-08T13:34:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.6::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product": {
"name": "Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.6::crb"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.11.7-1.el9_6.7.s390x",
"product": {
"name": "freerdp-2:2.11.7-1.el9_6.7.s390x",
"product_id": "freerdp-2:2.11.7-1.el9_6.7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.11.7-1.el9_6.7?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"product": {
"name": "freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"product_id": "freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.11.7-1.el9_6.7?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.11.7-1.el9_6.7.s390x",
"product": {
"name": "libwinpr-2:2.11.7-1.el9_6.7.s390x",
"product_id": "libwinpr-2:2.11.7-1.el9_6.7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.11.7-1.el9_6.7?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"product": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"product_id": "freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.11.7-1.el9_6.7?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"product": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"product_id": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-1.el9_6.7?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"product": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"product_id": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-1.el9_6.7?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"product": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"product_id": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-1.el9_6.7?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"product": {
"name": "freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"product_id": "freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.11.7-1.el9_6.7?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"product": {
"name": "libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"product_id": "libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.11.7-1.el9_6.7?arch=s390x\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.11.7-1.el9_6.7.src",
"product": {
"name": "freerdp-2:2.11.7-1.el9_6.7.src",
"product_id": "freerdp-2:2.11.7-1.el9_6.7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.11.7-1.el9_6.7?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.11.7-1.el9_6.7.aarch64",
"product": {
"name": "freerdp-2:2.11.7-1.el9_6.7.aarch64",
"product_id": "freerdp-2:2.11.7-1.el9_6.7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.11.7-1.el9_6.7?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"product": {
"name": "freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"product_id": "freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.11.7-1.el9_6.7?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"product": {
"name": "libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"product_id": "libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.11.7-1.el9_6.7?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"product": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"product_id": "freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.11.7-1.el9_6.7?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"product": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"product_id": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-1.el9_6.7?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"product": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"product_id": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-1.el9_6.7?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"product": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"product_id": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-1.el9_6.7?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"product": {
"name": "freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"product_id": "freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.11.7-1.el9_6.7?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"product": {
"name": "libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"product_id": "libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.11.7-1.el9_6.7?arch=aarch64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"product": {
"name": "freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"product_id": "freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.11.7-1.el9_6.7?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"product": {
"name": "freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"product_id": "freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.11.7-1.el9_6.7?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"product": {
"name": "libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"product_id": "libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.11.7-1.el9_6.7?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"product": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"product_id": "freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.11.7-1.el9_6.7?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"product": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"product_id": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-1.el9_6.7?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"product": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"product_id": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-1.el9_6.7?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"product": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"product_id": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-1.el9_6.7?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"product": {
"name": "freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"product_id": "freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.11.7-1.el9_6.7?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"product": {
"name": "libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"product_id": "libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.11.7-1.el9_6.7?arch=ppc64le\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.11.7-1.el9_6.7.x86_64",
"product": {
"name": "freerdp-2:2.11.7-1.el9_6.7.x86_64",
"product_id": "freerdp-2:2.11.7-1.el9_6.7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.11.7-1.el9_6.7?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"product": {
"name": "freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"product_id": "freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.11.7-1.el9_6.7?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"product": {
"name": "libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"product_id": "libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.11.7-1.el9_6.7?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"product": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"product_id": "freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.11.7-1.el9_6.7?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"product": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"product_id": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-1.el9_6.7?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"product": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"product_id": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-1.el9_6.7?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"product": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"product_id": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-1.el9_6.7?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"product": {
"name": "freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"product_id": "freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.11.7-1.el9_6.7?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"product": {
"name": "libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"product_id": "libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.11.7-1.el9_6.7?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"product": {
"name": "freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"product_id": "freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.11.7-1.el9_6.7?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.11.7-1.el9_6.7.i686",
"product": {
"name": "libwinpr-2:2.11.7-1.el9_6.7.i686",
"product_id": "libwinpr-2:2.11.7-1.el9_6.7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.11.7-1.el9_6.7?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"product": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"product_id": "freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.11.7-1.el9_6.7?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"product": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"product_id": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-1.el9_6.7?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"product": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"product_id": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-1.el9_6.7?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"product": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"product_id": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-1.el9_6.7?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"product": {
"name": "freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"product_id": "freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.11.7-1.el9_6.7?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"product": {
"name": "libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"product_id": "libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.11.7-1.el9_6.7?arch=i686\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "i686"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-1.el9_6.7.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64"
},
"product_reference": "freerdp-2:2.11.7-1.el9_6.7.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-1.el9_6.7.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le"
},
"product_reference": "freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-1.el9_6.7.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x"
},
"product_reference": "freerdp-2:2.11.7-1.el9_6.7.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-1.el9_6.7.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src"
},
"product_reference": "freerdp-2:2.11.7-1.el9_6.7.src",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-1.el9_6.7.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64"
},
"product_reference": "freerdp-2:2.11.7-1.el9_6.7.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64"
},
"product_reference": "freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_6.7.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686"
},
"product_reference": "freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le"
},
"product_reference": "freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x"
},
"product_reference": "freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64"
},
"product_reference": "freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-1.el9_6.7.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64"
},
"product_reference": "freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-1.el9_6.7.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686"
},
"product_reference": "freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le"
},
"product_reference": "freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-1.el9_6.7.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x"
},
"product_reference": "freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-1.el9_6.7.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64"
},
"product_reference": "freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-1.el9_6.7.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64"
},
"product_reference": "freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-1.el9_6.7.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686"
},
"product_reference": "freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le"
},
"product_reference": "freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-1.el9_6.7.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x"
},
"product_reference": "freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-1.el9_6.7.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64"
},
"product_reference": "freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-1.el9_6.7.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64"
},
"product_reference": "libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-1.el9_6.7.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686"
},
"product_reference": "libwinpr-2:2.11.7-1.el9_6.7.i686",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-1.el9_6.7.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le"
},
"product_reference": "libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-1.el9_6.7.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x"
},
"product_reference": "libwinpr-2:2.11.7-1.el9_6.7.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-1.el9_6.7.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64"
},
"product_reference": "libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64"
},
"product_reference": "libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-1.el9_6.7.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686"
},
"product_reference": "libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le"
},
"product_reference": "libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-1.el9_6.7.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x"
},
"product_reference": "libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
},
"product_reference": "libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-1.el9_6.7.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64"
},
"product_reference": "freerdp-2:2.11.7-1.el9_6.7.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-1.el9_6.7.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le"
},
"product_reference": "freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-1.el9_6.7.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x"
},
"product_reference": "freerdp-2:2.11.7-1.el9_6.7.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-1.el9_6.7.src as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src"
},
"product_reference": "freerdp-2:2.11.7-1.el9_6.7.src",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-1.el9_6.7.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64"
},
"product_reference": "freerdp-2:2.11.7-1.el9_6.7.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686 as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64"
},
"product_reference": "freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_6.7.i686 as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686"
},
"product_reference": "freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le"
},
"product_reference": "freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x"
},
"product_reference": "freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64"
},
"product_reference": "freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-1.el9_6.7.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64"
},
"product_reference": "freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-1.el9_6.7.i686 as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686"
},
"product_reference": "freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le"
},
"product_reference": "freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-1.el9_6.7.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x"
},
"product_reference": "freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-1.el9_6.7.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64"
},
"product_reference": "freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-1.el9_6.7.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64"
},
"product_reference": "freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-1.el9_6.7.i686 as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686"
},
"product_reference": "freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le"
},
"product_reference": "freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-1.el9_6.7.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x"
},
"product_reference": "freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-1.el9_6.7.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64"
},
"product_reference": "freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686 as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-1.el9_6.7.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64"
},
"product_reference": "libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-1.el9_6.7.i686 as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686"
},
"product_reference": "libwinpr-2:2.11.7-1.el9_6.7.i686",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-1.el9_6.7.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le"
},
"product_reference": "libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-1.el9_6.7.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x"
},
"product_reference": "libwinpr-2:2.11.7-1.el9_6.7.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-1.el9_6.7.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64"
},
"product_reference": "libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686 as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64"
},
"product_reference": "libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-1.el9_6.7.i686 as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686"
},
"product_reference": "libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le"
},
"product_reference": "libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-1.el9_6.7.s390x as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x"
},
"product_reference": "libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v.9.6)",
"product_id": "CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
},
"product_reference": "libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"relates_to_product_reference": "CRB-9.6.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-22852",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-01-14T18:01:37.291284+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2429654"
}
],
"notes": [
{
"category": "description",
"text": "A heap based buffer overflow has been discovered in FreeRDP. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input (AUDIN) format lists. audin_process_formats reuses callback-\u003eformats_count across multiple MSG_SNDIN_FORMATS PDUs and writes past the newly allocated formats array, causing memory corruption and a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP heap-buffer-overflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22852"
},
{
"category": "external",
"summary": "RHBZ#2429654",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429654"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22852",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22852"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22852",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22852"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
"url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9chc-g79v-4qq4",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9chc-g79v-4qq4"
}
],
"release_date": "2026-01-14T17:45:22.253000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T06:25:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6727"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP heap-buffer-overflow"
},
{
"cve": "CVE-2026-22854",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2026-01-14T18:01:27.671391+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2429652"
}
],
"notes": [
{
"category": "description",
"text": "A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP heap-buffer-overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat products in their default configuration employ Address Space Layout Randomization (ASLR) which drastically increases the complexity of the successful exploitation of this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22854"
},
{
"category": "external",
"summary": "RHBZ#2429652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429652"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22854",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22854"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22854",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22854"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
"url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-47vj-g3c3-3rmf",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-47vj-g3c3-3rmf"
}
],
"release_date": "2026-01-14T17:47:49.588000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T06:25:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6727"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP heap-buffer-overflow"
},
{
"cve": "CVE-2026-22856",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2026-01-14T18:01:14.358085+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2429650"
}
],
"notes": [
{
"category": "description",
"text": "A heap use after free flaw has been discovered in FreeRDP. A race in the serial channel IRP thread tracking allows a heap use\u2011after\u2011free when one thread removes an entry from serial-\u003eIrpThreads while another reads it.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP heap-use-after-free",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22856"
},
{
"category": "external",
"summary": "RHBZ#2429650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429650"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22856",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22856"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22856",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22856"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
"url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-w842-c386-fxhv",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-w842-c386-fxhv"
}
],
"release_date": "2026-01-14T17:53:04.756000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T06:25:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6727"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP heap-use-after-free"
},
{
"cve": "CVE-2026-23732",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2026-01-19T18:01:18.943425+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430881"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FreeRDP. A malicious server can exploit a vulnerability in FastGlyph parsing, which improperly trusts data length without sufficient validation. This can lead to a client-side global buffer overflow, resulting in a denial of service (DoS) due to a crash. For this vulnerability to be exploited, a client must connect to a maliciously-configured server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For this vulnerability to be exploited, a client must connect to a maliciously-configured server. Red Hat recommends that FreeRDP clients are only used to connect to trusted servers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23732"
},
{
"category": "external",
"summary": "RHBZ#2430881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430881"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23732",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23732"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23732",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23732"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/cache/glyph.c#L463-L480",
"url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/cache/glyph.c#L463-L480"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/codec/color.c#L261-L277",
"url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/codec/color.c#L261-L277"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/graphics.c#L138",
"url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/graphics.c#L138"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/orders.c#L2186C17-L2199",
"url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/orders.c#L2186C17-L2199"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0",
"url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7qxp-j2fj-c3pp",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7qxp-j2fj-c3pp"
}
],
"release_date": "2026-01-19T17:12:57.772000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T06:25:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6727"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow"
},
{
"cve": "CVE-2026-23948",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-02-09T20:01:35.778373+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438207"
}
],
"notes": [
{
"category": "description",
"text": "A null pointer dereference has been discovered in FreeRDP. A NULL pointer dereference vulnerability in rdp_write_logon_info_v2() allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23948"
},
{
"category": "external",
"summary": "RHBZ#2438207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23948",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23948"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23948",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23948"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/4d44e3c097656a8b9ec696353647b0888ca45860",
"url": "https://github.com/FreeRDP/FreeRDP/commit/4d44e3c097656a8b9ec696353647b0888ca45860"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6f3c-qvqq-2px5",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6f3c-qvqq-2px5"
}
],
"release_date": "2026-02-09T18:12:00.737000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T06:25:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6727"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()"
},
{
"cve": "CVE-2026-24491",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:01:21.676057+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438202"
}
],
"notes": [
{
"category": "description",
"text": "A use after free flaw has been discovered in FreeRDP. The video_timer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. A malicious server can trigger a client\u2011side heap use after free causing a crash (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a heap-use-after-free in video_timer",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24491"
},
{
"category": "external",
"summary": "RHBZ#2438202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438202"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24491",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24491"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24491",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24491"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/e02e052f6692550e539d10f99de9c35a23492db2",
"url": "https://github.com/FreeRDP/FreeRDP/commit/e02e052f6692550e539d10f99de9c35a23492db2"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4x6j-w49r-869g",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4x6j-w49r-869g"
}
],
"release_date": "2026-02-09T18:13:44.302000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T06:25:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6727"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a heap-use-after-free in video_timer"
},
{
"cve": "CVE-2026-24675",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:02:21.865304+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438221"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer use after free has been discovered in FreeRDP. urb_select_interface can free the device\u0027s MS config on error but later code still dereferences it, leading to a use after free in libusb_udev_select_interface.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24675"
},
{
"category": "external",
"summary": "RHBZ#2438221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438221"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24675"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24675",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24675"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/d676518809c319eec15911c705c13536036af2ae",
"url": "https://github.com/FreeRDP/FreeRDP/commit/d676518809c319eec15911c705c13536036af2ae"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x9jr-99h2-g7mj",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x9jr-99h2-g7mj"
}
],
"release_date": "2026-02-09T18:14:40.667000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T06:25:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6727"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface"
},
{
"cve": "CVE-2026-24676",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:01:18.996877+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438201"
}
],
"notes": [
{
"category": "description",
"text": "A use after free flaw was found in FreeRDP. AUDIN format renegotiation frees the active format list while the capture thread continues using audin-\u003eformat, leading to a use after free in audio_format_compatible. A malicious server can trigger a client\u2011side heap use after free causing a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24676"
},
{
"category": "external",
"summary": "RHBZ#2438201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438201"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24676",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24676"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/026b81ae5831ac1598d8f7371e0d0996fac7db00",
"url": "https://github.com/FreeRDP/FreeRDP/commit/026b81ae5831ac1598d8f7371e0d0996fac7db00"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qh5p-frq4-pgxj",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qh5p-frq4-pgxj"
}
],
"release_date": "2026-02-09T18:15:33.646000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T06:25:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6727"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation"
},
{
"cve": "CVE-2026-24679",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"discovery_date": "2026-02-09T20:02:08.618280+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438217"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer overflow has been discovered in FreeRDP. The URBDRC client uses server-supplied interface numbers as array indices without bounds checks, causing an out-of-bounds read in libusb_udev_select_interface.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24679"
},
{
"category": "external",
"summary": "RHBZ#2438217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438217"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24679"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/2d563a50be17c1b407ca448b1321378c0726dd31",
"url": "https://github.com/FreeRDP/FreeRDP/commit/2d563a50be17c1b407ca448b1321378c0726dd31"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-2jp4-67x6-gv7x",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-2jp4-67x6-gv7x"
}
],
"release_date": "2026-02-09T18:19:00.409000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T06:25:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6727"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface"
},
{
"cve": "CVE-2026-24681",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:01:45.088999+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438210"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer use after free has been discovered in FreeRDP. Asynchronous bulk transfer completions can use a freed channel callback after URBDRC channel close, leading to a use after free in urb_write_completion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24681"
},
{
"category": "external",
"summary": "RHBZ#2438210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438210"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24681",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24681"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24681",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24681"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/414f701464929c217f2509bcbd6d2c1f00f7ed73",
"url": "https://github.com/FreeRDP/FreeRDP/commit/414f701464929c217f2509bcbd6d2c1f00f7ed73"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-ccvv-hg2w-6x9j",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-ccvv-hg2w-6x9j"
}
],
"release_date": "2026-02-09T18:20:39.732000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T06:25:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6727"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb"
},
{
"cve": "CVE-2026-24683",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:02:05.563918+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438216"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer use after free has been discovered in FreeRDP. ainput_send_input_event caches channel_callback in a local variable and later uses it without synchronization; a concurrent channel close can free or reinitialize the callback, leading to a use after free.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24683"
},
{
"category": "external",
"summary": "RHBZ#2438216",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438216"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24683",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24683"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24683",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24683"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/d9ca272dce7a776ab475e9b1a8e8c3d2968c8486",
"url": "https://github.com/FreeRDP/FreeRDP/commit/d9ca272dce7a776ab475e9b1a8e8c3d2968c8486"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-45pf-68pj-fg8q",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-45pf-68pj-fg8q"
}
],
"release_date": "2026-02-09T18:22:17.636000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T06:25:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6727"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event"
},
{
"cve": "CVE-2026-24684",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-02-09T20:01:39.156545+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438208"
}
],
"notes": [
{
"category": "description",
"text": "A heap use after free has been discovered in FreeRDP. The RDPSND async playback thread can process queued PDUs after the channel is closed and internal state is freed, leading to a use after free in rdpsnd_treat_wave.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a Heap-use-after-free in play_thread",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24684"
},
{
"category": "external",
"summary": "RHBZ#2438208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438208"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24684",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24684"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24684",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24684"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/622bb7b4402491ca003f47472d0e478132673696",
"url": "https://github.com/FreeRDP/FreeRDP/commit/622bb7b4402491ca003f47472d0e478132673696"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/afa6851dc80835d3101e40fcef51b6c5c0f43ea5",
"url": "https://github.com/FreeRDP/FreeRDP/commit/afa6851dc80835d3101e40fcef51b6c5c0f43ea5"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vcgv-xgjp-h83q",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vcgv-xgjp-h83q"
}
],
"release_date": "2026-02-09T18:23:02.882000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T06:25:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6727"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a Heap-use-after-free in play_thread"
},
{
"cve": "CVE-2026-31806",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-03-13T18:02:52.800795+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447376"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol (RDP). The `gdi_surface_bits()` function, which processes `SURFACE_BITS_COMMAND` messages, does not properly validate image dimensions (`bmp.width` and `bmp.height`) provided by a malicious RDP server. This can lead to a heap buffer overflow during bitmap decoding and memory operations. A remote attacker could exploit this to overwrite adjacent memory, potentially resulting in arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For this vulnerability to be exploited, a susceptible system must connect to a malicious server. For that reason, Red Hat recommends that you only use FreeRDP to connect to trusted servers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-31806"
},
{
"category": "external",
"summary": "RHBZ#2447376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-31806",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31806"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-31806",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31806"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/83d9aedea278a74af3e490ff5eeb889c016dbb2b",
"url": "https://github.com/FreeRDP/FreeRDP/commit/83d9aedea278a74af3e490ff5eeb889c016dbb2b"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrqm-46rj-cmx2",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrqm-46rj-cmx2"
}
],
"release_date": "2026-03-13T17:40:19.920000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-07T06:25:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6727"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"AppStream-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"AppStream-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.src",
"CRB-9.6.0.Z.EUS:freerdp-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-debugsource-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-devel-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:freerdp-libs-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-debuginfo-2:2.11.7-1.el9_6.7.x86_64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.aarch64",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.i686",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.ppc64le",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.s390x",
"CRB-9.6.0.Z.EUS:libwinpr-devel-2:2.11.7-1.el9_6.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages"
}
]
}
RHSA-2026:6340
Vulnerability from csaf_redhat - Published: 2026-04-01 09:08 - Updated: 2026-04-08 13:34Summary
Red Hat Security Advisory: freerdp security update
Severity
Important
Notes
Topic: An update for freerdp is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.
Security Fix(es):
* freerdp: FreeRDP heap-use-after-free (CVE-2026-22856)
* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22854)
* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22852)
* freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow (CVE-2026-23732)
* freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation (CVE-2026-24676)
* freerdp: FreeRDP has a heap-use-after-free in video_timer (CVE-2026-24491)
* freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2() (CVE-2026-23948)
* freerdp: FreeRDP has a Heap-use-after-free in play_thread (CVE-2026-24684)
* freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb (CVE-2026-24681)
* freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event (CVE-2026-24683)
* freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface (CVE-2026-24679)
* freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface (CVE-2026-24675)
* freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages (CVE-2026-31806)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A heap based buffer overflow has been discovered in FreeRDP. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input (AUDIN) format lists. audin_process_formats reuses callback->formats_count across multiple MSG_SNDIN_FORMATS PDUs and writes past the newly allocated formats array, causing memory corruption and a crash.
5.6 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6340
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory.
8.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6340
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap use after free flaw has been discovered in FreeRDP. A race in the serial channel IRP thread tracking allows a heap use‑after‑free when one thread removes an entry from serial->IrpThreads while another reads it.
8.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6340
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in FreeRDP. A malicious server can exploit a vulnerability in FastGlyph parsing, which improperly trusts data length without sufficient validation. This can lead to a client-side global buffer overflow, resulting in a denial of service (DoS) due to a crash. For this vulnerability to be exploited, a client must connect to a maliciously-configured server.
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6340
A null pointer dereference has been discovered in FreeRDP. A NULL pointer dereference vulnerability in rdp_write_logon_info_v2() allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6340
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A use after free flaw has been discovered in FreeRDP. The video_timer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. A malicious server can trigger a client‑side heap use after free causing a crash (DoS).
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6340
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap buffer use after free has been discovered in FreeRDP. urb_select_interface can free the device's MS config on error but later code still dereferences it, leading to a use after free in libusb_udev_select_interface.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6340
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A use after free flaw was found in FreeRDP. AUDIN format renegotiation frees the active format list while the capture thread continues using audin->format, leading to a use after free in audio_format_compatible. A malicious server can trigger a client‑side heap use after free causing a crash.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6340
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap buffer overflow has been discovered in FreeRDP. The URBDRC client uses server-supplied interface numbers as array indices without bounds checks, causing an out-of-bounds read in libusb_udev_select_interface.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6340
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap buffer use after free has been discovered in FreeRDP. Asynchronous bulk transfer completions can use a freed channel callback after URBDRC channel close, leading to a use after free in urb_write_completion.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6340
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap buffer use after free has been discovered in FreeRDP. ainput_send_input_event caches channel_callback in a local variable and later uses it without synchronization; a concurrent channel close can free or reinitialize the callback, leading to a use after free.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6340
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A heap use after free has been discovered in FreeRDP. The RDPSND async playback thread can process queued PDUs after the channel is closed and internal state is freed, leading to a use after free in rdpsnd_treat_wave.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6340
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol (RDP). The `gdi_surface_bits()` function, which processes `SURFACE_BITS_COMMAND` messages, does not properly validate image dimensions (`bmp.width` and `bmp.height`) provided by a malicious RDP server. This can lead to a heap buffer overflow during bitmap decoding and memory operations. A remote attacker could exploit this to overwrite adjacent memory, potentially resulting in arbitrary code execution.
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:6340
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for freerdp is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.\n\nSecurity Fix(es):\n\n* freerdp: FreeRDP heap-use-after-free (CVE-2026-22856)\n\n* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22854)\n\n* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22852)\n\n* freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow (CVE-2026-23732)\n\n* freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation (CVE-2026-24676)\n\n* freerdp: FreeRDP has a heap-use-after-free in video_timer (CVE-2026-24491)\n\n* freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2() (CVE-2026-23948)\n\n* freerdp: FreeRDP has a Heap-use-after-free in play_thread (CVE-2026-24684)\n\n* freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb (CVE-2026-24681)\n\n* freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event (CVE-2026-24683)\n\n* freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface (CVE-2026-24679)\n\n* freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface (CVE-2026-24675)\n\n* freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages (CVE-2026-31806)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:6340",
"url": "https://access.redhat.com/errata/RHSA-2026:6340"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2429650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429650"
},
{
"category": "external",
"summary": "2429652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429652"
},
{
"category": "external",
"summary": "2429654",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429654"
},
{
"category": "external",
"summary": "2430881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430881"
},
{
"category": "external",
"summary": "2438201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438201"
},
{
"category": "external",
"summary": "2438202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438202"
},
{
"category": "external",
"summary": "2438207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438207"
},
{
"category": "external",
"summary": "2438208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438208"
},
{
"category": "external",
"summary": "2438210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438210"
},
{
"category": "external",
"summary": "2438216",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438216"
},
{
"category": "external",
"summary": "2438217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438217"
},
{
"category": "external",
"summary": "2438221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438221"
},
{
"category": "external",
"summary": "2447376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447376"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_6340.json"
}
],
"title": "Red Hat Security Advisory: freerdp security update",
"tracking": {
"current_release_date": "2026-04-08T13:34:37+00:00",
"generator": {
"date": "2026-04-08T13:34:37+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2026:6340",
"initial_release_date": "2026-04-01T09:08:02+00:00",
"revision_history": [
{
"date": "2026-04-01T09:08:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-01T09:08:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-08T13:34:37+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::crb"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.11.7-1.el9_7.5.src",
"product": {
"name": "freerdp-2:2.11.7-1.el9_7.5.src",
"product_id": "freerdp-2:2.11.7-1.el9_7.5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.11.7-1.el9_7.5?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.11.7-1.el9_7.5.aarch64",
"product": {
"name": "freerdp-2:2.11.7-1.el9_7.5.aarch64",
"product_id": "freerdp-2:2.11.7-1.el9_7.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.11.7-1.el9_7.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"product": {
"name": "freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"product_id": "freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.11.7-1.el9_7.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"product": {
"name": "libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"product_id": "libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.11.7-1.el9_7.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"product": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"product_id": "freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.11.7-1.el9_7.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"product": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"product_id": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-1.el9_7.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"product": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"product_id": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-1.el9_7.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"product": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"product_id": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-1.el9_7.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"product": {
"name": "freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"product_id": "freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.11.7-1.el9_7.5?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"product": {
"name": "libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"product_id": "libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.11.7-1.el9_7.5?arch=aarch64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"product": {
"name": "freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"product_id": "freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.11.7-1.el9_7.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"product": {
"name": "freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"product_id": "freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.11.7-1.el9_7.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"product": {
"name": "libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"product_id": "libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.11.7-1.el9_7.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"product": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"product_id": "freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.11.7-1.el9_7.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"product": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"product_id": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-1.el9_7.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"product": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"product_id": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-1.el9_7.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"product": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"product_id": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-1.el9_7.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"product": {
"name": "freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"product_id": "freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.11.7-1.el9_7.5?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"product": {
"name": "libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"product_id": "libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.11.7-1.el9_7.5?arch=ppc64le\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.11.7-1.el9_7.5.x86_64",
"product": {
"name": "freerdp-2:2.11.7-1.el9_7.5.x86_64",
"product_id": "freerdp-2:2.11.7-1.el9_7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.11.7-1.el9_7.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"product": {
"name": "freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"product_id": "freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.11.7-1.el9_7.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"product": {
"name": "libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"product_id": "libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.11.7-1.el9_7.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"product": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"product_id": "freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.11.7-1.el9_7.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"product": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"product_id": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-1.el9_7.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"product": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"product_id": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-1.el9_7.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"product": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"product_id": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-1.el9_7.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"product": {
"name": "freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"product_id": "freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.11.7-1.el9_7.5?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"product": {
"name": "libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"product_id": "libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.11.7-1.el9_7.5?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"product": {
"name": "freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"product_id": "freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.11.7-1.el9_7.5?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.11.7-1.el9_7.5.i686",
"product": {
"name": "libwinpr-2:2.11.7-1.el9_7.5.i686",
"product_id": "libwinpr-2:2.11.7-1.el9_7.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.11.7-1.el9_7.5?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"product": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"product_id": "freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.11.7-1.el9_7.5?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"product": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"product_id": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-1.el9_7.5?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"product": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"product_id": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-1.el9_7.5?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"product": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"product_id": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-1.el9_7.5?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"product": {
"name": "freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"product_id": "freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.11.7-1.el9_7.5?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"product": {
"name": "libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"product_id": "libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.11.7-1.el9_7.5?arch=i686\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.11.7-1.el9_7.5.s390x",
"product": {
"name": "freerdp-2:2.11.7-1.el9_7.5.s390x",
"product_id": "freerdp-2:2.11.7-1.el9_7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.11.7-1.el9_7.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"product": {
"name": "freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"product_id": "freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.11.7-1.el9_7.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.11.7-1.el9_7.5.s390x",
"product": {
"name": "libwinpr-2:2.11.7-1.el9_7.5.s390x",
"product_id": "libwinpr-2:2.11.7-1.el9_7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.11.7-1.el9_7.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"product": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"product_id": "freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.11.7-1.el9_7.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"product": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"product_id": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.11.7-1.el9_7.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"product": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"product_id": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.11.7-1.el9_7.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"product": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"product_id": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.11.7-1.el9_7.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"product": {
"name": "freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"product_id": "freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.11.7-1.el9_7.5?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"product": {
"name": "libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"product_id": "libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.11.7-1.el9_7.5?arch=s390x\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-1.el9_7.5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64"
},
"product_reference": "freerdp-2:2.11.7-1.el9_7.5.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-1.el9_7.5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le"
},
"product_reference": "freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-1.el9_7.5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x"
},
"product_reference": "freerdp-2:2.11.7-1.el9_7.5.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-1.el9_7.5.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src"
},
"product_reference": "freerdp-2:2.11.7-1.el9_7.5.src",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-1.el9_7.5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64"
},
"product_reference": "freerdp-2:2.11.7-1.el9_7.5.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64"
},
"product_reference": "freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_7.5.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686"
},
"product_reference": "freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le"
},
"product_reference": "freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x"
},
"product_reference": "freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64"
},
"product_reference": "freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-1.el9_7.5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64"
},
"product_reference": "freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-1.el9_7.5.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686"
},
"product_reference": "freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le"
},
"product_reference": "freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-1.el9_7.5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x"
},
"product_reference": "freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-1.el9_7.5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64"
},
"product_reference": "freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-1.el9_7.5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64"
},
"product_reference": "freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-1.el9_7.5.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686"
},
"product_reference": "freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le"
},
"product_reference": "freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-1.el9_7.5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x"
},
"product_reference": "freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-1.el9_7.5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64"
},
"product_reference": "freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-1.el9_7.5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64"
},
"product_reference": "libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-1.el9_7.5.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686"
},
"product_reference": "libwinpr-2:2.11.7-1.el9_7.5.i686",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-1.el9_7.5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le"
},
"product_reference": "libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-1.el9_7.5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x"
},
"product_reference": "libwinpr-2:2.11.7-1.el9_7.5.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-1.el9_7.5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64"
},
"product_reference": "libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64"
},
"product_reference": "libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-1.el9_7.5.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686"
},
"product_reference": "libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le"
},
"product_reference": "libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-1.el9_7.5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x"
},
"product_reference": "libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
},
"product_reference": "libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-1.el9_7.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64"
},
"product_reference": "freerdp-2:2.11.7-1.el9_7.5.aarch64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-1.el9_7.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le"
},
"product_reference": "freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-1.el9_7.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x"
},
"product_reference": "freerdp-2:2.11.7-1.el9_7.5.s390x",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-1.el9_7.5.src as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src"
},
"product_reference": "freerdp-2:2.11.7-1.el9_7.5.src",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.11.7-1.el9_7.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64"
},
"product_reference": "freerdp-2:2.11.7-1.el9_7.5.x86_64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64"
},
"product_reference": "freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64"
},
"product_reference": "freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_7.5.i686 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686"
},
"product_reference": "freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le"
},
"product_reference": "freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x"
},
"product_reference": "freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64"
},
"product_reference": "freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-1.el9_7.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64"
},
"product_reference": "freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-1.el9_7.5.i686 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686"
},
"product_reference": "freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le"
},
"product_reference": "freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-1.el9_7.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x"
},
"product_reference": "freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.11.7-1.el9_7.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64"
},
"product_reference": "freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-1.el9_7.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64"
},
"product_reference": "freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-1.el9_7.5.i686 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686"
},
"product_reference": "freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le"
},
"product_reference": "freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-1.el9_7.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x"
},
"product_reference": "freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.11.7-1.el9_7.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64"
},
"product_reference": "freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64"
},
"product_reference": "freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-1.el9_7.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64"
},
"product_reference": "libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-1.el9_7.5.i686 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686"
},
"product_reference": "libwinpr-2:2.11.7-1.el9_7.5.i686",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-1.el9_7.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le"
},
"product_reference": "libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-1.el9_7.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x"
},
"product_reference": "libwinpr-2:2.11.7-1.el9_7.5.s390x",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.11.7-1.el9_7.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64"
},
"product_reference": "libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64"
},
"product_reference": "libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64"
},
"product_reference": "libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-1.el9_7.5.i686 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686"
},
"product_reference": "libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le"
},
"product_reference": "libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-1.el9_7.5.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x"
},
"product_reference": "libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"product_id": "CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
},
"product_reference": "libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"relates_to_product_reference": "CRB-9.7.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-22852",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-01-14T18:01:37.291284+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2429654"
}
],
"notes": [
{
"category": "description",
"text": "A heap based buffer overflow has been discovered in FreeRDP. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input (AUDIN) format lists. audin_process_formats reuses callback-\u003eformats_count across multiple MSG_SNDIN_FORMATS PDUs and writes past the newly allocated formats array, causing memory corruption and a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP heap-buffer-overflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22852"
},
{
"category": "external",
"summary": "RHBZ#2429654",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429654"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22852",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22852"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22852",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22852"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
"url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9chc-g79v-4qq4",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9chc-g79v-4qq4"
}
],
"release_date": "2026-01-14T17:45:22.253000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-01T09:08:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6340"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP heap-buffer-overflow"
},
{
"cve": "CVE-2026-22854",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2026-01-14T18:01:27.671391+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2429652"
}
],
"notes": [
{
"category": "description",
"text": "A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP heap-buffer-overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat products in their default configuration employ Address Space Layout Randomization (ASLR) which drastically increases the complexity of the successful exploitation of this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22854"
},
{
"category": "external",
"summary": "RHBZ#2429652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429652"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22854",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22854"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22854",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22854"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
"url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-47vj-g3c3-3rmf",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-47vj-g3c3-3rmf"
}
],
"release_date": "2026-01-14T17:47:49.588000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-01T09:08:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6340"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP heap-buffer-overflow"
},
{
"cve": "CVE-2026-22856",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2026-01-14T18:01:14.358085+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2429650"
}
],
"notes": [
{
"category": "description",
"text": "A heap use after free flaw has been discovered in FreeRDP. A race in the serial channel IRP thread tracking allows a heap use\u2011after\u2011free when one thread removes an entry from serial-\u003eIrpThreads while another reads it.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP heap-use-after-free",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22856"
},
{
"category": "external",
"summary": "RHBZ#2429650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429650"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22856",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22856"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22856",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22856"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1",
"url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-w842-c386-fxhv",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-w842-c386-fxhv"
}
],
"release_date": "2026-01-14T17:53:04.756000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-01T09:08:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6340"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP heap-use-after-free"
},
{
"cve": "CVE-2026-23732",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2026-01-19T18:01:18.943425+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430881"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FreeRDP. A malicious server can exploit a vulnerability in FastGlyph parsing, which improperly trusts data length without sufficient validation. This can lead to a client-side global buffer overflow, resulting in a denial of service (DoS) due to a crash. For this vulnerability to be exploited, a client must connect to a maliciously-configured server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For this vulnerability to be exploited, a client must connect to a maliciously-configured server. Red Hat recommends that FreeRDP clients are only used to connect to trusted servers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23732"
},
{
"category": "external",
"summary": "RHBZ#2430881",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430881"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23732",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23732"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23732",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23732"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/cache/glyph.c#L463-L480",
"url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/cache/glyph.c#L463-L480"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/codec/color.c#L261-L277",
"url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/codec/color.c#L261-L277"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/graphics.c#L138",
"url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/graphics.c#L138"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/orders.c#L2186C17-L2199",
"url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/orders.c#L2186C17-L2199"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0",
"url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7qxp-j2fj-c3pp",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7qxp-j2fj-c3pp"
}
],
"release_date": "2026-01-19T17:12:57.772000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-01T09:08:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6340"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow"
},
{
"cve": "CVE-2026-23948",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-02-09T20:01:35.778373+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438207"
}
],
"notes": [
{
"category": "description",
"text": "A null pointer dereference has been discovered in FreeRDP. A NULL pointer dereference vulnerability in rdp_write_logon_info_v2() allows a malicious RDP server to crash FreeRDP proxy by sending a specially crafted LogonInfoV2 PDU with cbDomain=0 or cbUserName=0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23948"
},
{
"category": "external",
"summary": "RHBZ#2438207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23948",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23948"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23948",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23948"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/4d44e3c097656a8b9ec696353647b0888ca45860",
"url": "https://github.com/FreeRDP/FreeRDP/commit/4d44e3c097656a8b9ec696353647b0888ca45860"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6f3c-qvqq-2px5",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6f3c-qvqq-2px5"
}
],
"release_date": "2026-02-09T18:12:00.737000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-01T09:08:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6340"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2()"
},
{
"cve": "CVE-2026-24491",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:01:21.676057+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438202"
}
],
"notes": [
{
"category": "description",
"text": "A use after free flaw has been discovered in FreeRDP. The video_timer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. A malicious server can trigger a client\u2011side heap use after free causing a crash (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a heap-use-after-free in video_timer",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24491"
},
{
"category": "external",
"summary": "RHBZ#2438202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438202"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24491",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24491"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24491",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24491"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/e02e052f6692550e539d10f99de9c35a23492db2",
"url": "https://github.com/FreeRDP/FreeRDP/commit/e02e052f6692550e539d10f99de9c35a23492db2"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4x6j-w49r-869g",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4x6j-w49r-869g"
}
],
"release_date": "2026-02-09T18:13:44.302000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-01T09:08:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6340"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a heap-use-after-free in video_timer"
},
{
"cve": "CVE-2026-24675",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:02:21.865304+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438221"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer use after free has been discovered in FreeRDP. urb_select_interface can free the device\u0027s MS config on error but later code still dereferences it, leading to a use after free in libusb_udev_select_interface.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24675"
},
{
"category": "external",
"summary": "RHBZ#2438221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438221"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24675"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24675",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24675"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/d676518809c319eec15911c705c13536036af2ae",
"url": "https://github.com/FreeRDP/FreeRDP/commit/d676518809c319eec15911c705c13536036af2ae"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x9jr-99h2-g7mj",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x9jr-99h2-g7mj"
}
],
"release_date": "2026-02-09T18:14:40.667000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-01T09:08:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6340"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface"
},
{
"cve": "CVE-2026-24676",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:01:18.996877+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438201"
}
],
"notes": [
{
"category": "description",
"text": "A use after free flaw was found in FreeRDP. AUDIN format renegotiation frees the active format list while the capture thread continues using audin-\u003eformat, leading to a use after free in audio_format_compatible. A malicious server can trigger a client\u2011side heap use after free causing a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24676"
},
{
"category": "external",
"summary": "RHBZ#2438201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438201"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24676",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24676"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/026b81ae5831ac1598d8f7371e0d0996fac7db00",
"url": "https://github.com/FreeRDP/FreeRDP/commit/026b81ae5831ac1598d8f7371e0d0996fac7db00"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qh5p-frq4-pgxj",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qh5p-frq4-pgxj"
}
],
"release_date": "2026-02-09T18:15:33.646000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-01T09:08:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6340"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation"
},
{
"cve": "CVE-2026-24679",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"discovery_date": "2026-02-09T20:02:08.618280+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438217"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer overflow has been discovered in FreeRDP. The URBDRC client uses server-supplied interface numbers as array indices without bounds checks, causing an out-of-bounds read in libusb_udev_select_interface.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24679"
},
{
"category": "external",
"summary": "RHBZ#2438217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438217"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24679"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/2d563a50be17c1b407ca448b1321378c0726dd31",
"url": "https://github.com/FreeRDP/FreeRDP/commit/2d563a50be17c1b407ca448b1321378c0726dd31"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-2jp4-67x6-gv7x",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-2jp4-67x6-gv7x"
}
],
"release_date": "2026-02-09T18:19:00.409000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-01T09:08:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6340"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface"
},
{
"cve": "CVE-2026-24681",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:01:45.088999+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438210"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer use after free has been discovered in FreeRDP. Asynchronous bulk transfer completions can use a freed channel callback after URBDRC channel close, leading to a use after free in urb_write_completion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24681"
},
{
"category": "external",
"summary": "RHBZ#2438210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438210"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24681",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24681"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24681",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24681"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/414f701464929c217f2509bcbd6d2c1f00f7ed73",
"url": "https://github.com/FreeRDP/FreeRDP/commit/414f701464929c217f2509bcbd6d2c1f00f7ed73"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-ccvv-hg2w-6x9j",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-ccvv-hg2w-6x9j"
}
],
"release_date": "2026-02-09T18:20:39.732000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-01T09:08:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6340"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb"
},
{
"cve": "CVE-2026-24683",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-09T20:02:05.563918+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438216"
}
],
"notes": [
{
"category": "description",
"text": "A heap buffer use after free has been discovered in FreeRDP. ainput_send_input_event caches channel_callback in a local variable and later uses it without synchronization; a concurrent channel close can free or reinitialize the callback, leading to a use after free.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24683"
},
{
"category": "external",
"summary": "RHBZ#2438216",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438216"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24683",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24683"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24683",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24683"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/d9ca272dce7a776ab475e9b1a8e8c3d2968c8486",
"url": "https://github.com/FreeRDP/FreeRDP/commit/d9ca272dce7a776ab475e9b1a8e8c3d2968c8486"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-45pf-68pj-fg8q",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-45pf-68pj-fg8q"
}
],
"release_date": "2026-02-09T18:22:17.636000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-01T09:08:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6340"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event"
},
{
"cve": "CVE-2026-24684",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-02-09T20:01:39.156545+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438208"
}
],
"notes": [
{
"category": "description",
"text": "A heap use after free has been discovered in FreeRDP. The RDPSND async playback thread can process queued PDUs after the channel is closed and internal state is freed, leading to a use after free in rdpsnd_treat_wave.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP has a Heap-use-after-free in play_thread",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Availability impact is limited to the FreeRDP instance on Red Hat Products. General system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24684"
},
{
"category": "external",
"summary": "RHBZ#2438208",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438208"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24684",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24684"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24684",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24684"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/622bb7b4402491ca003f47472d0e478132673696",
"url": "https://github.com/FreeRDP/FreeRDP/commit/622bb7b4402491ca003f47472d0e478132673696"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/afa6851dc80835d3101e40fcef51b6c5c0f43ea5",
"url": "https://github.com/FreeRDP/FreeRDP/commit/afa6851dc80835d3101e40fcef51b6c5c0f43ea5"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vcgv-xgjp-h83q",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vcgv-xgjp-h83q"
}
],
"release_date": "2026-02-09T18:23:02.882000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-01T09:08:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6340"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: FreeRDP has a Heap-use-after-free in play_thread"
},
{
"cve": "CVE-2026-31806",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-03-13T18:02:52.800795+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447376"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol (RDP). The `gdi_surface_bits()` function, which processes `SURFACE_BITS_COMMAND` messages, does not properly validate image dimensions (`bmp.width` and `bmp.height`) provided by a malicious RDP server. This can lead to a heap buffer overflow during bitmap decoding and memory operations. A remote attacker could exploit this to overwrite adjacent memory, potentially resulting in arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "For this vulnerability to be exploited, a susceptible system must connect to a malicious server. For that reason, Red Hat recommends that you only use FreeRDP to connect to trusted servers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-31806"
},
{
"category": "external",
"summary": "RHBZ#2447376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-31806",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31806"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-31806",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31806"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/commit/83d9aedea278a74af3e490ff5eeb889c016dbb2b",
"url": "https://github.com/FreeRDP/FreeRDP/commit/83d9aedea278a74af3e490ff5eeb889c016dbb2b"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrqm-46rj-cmx2",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrqm-46rj-cmx2"
}
],
"release_date": "2026-03-13T17:40:19.920000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-01T09:08:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6340"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"AppStream-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"AppStream-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.src",
"CRB-9.7.0.Z.MAIN:freerdp-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-debugsource-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-devel-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:freerdp-libs-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-debuginfo-2:2.11.7-1.el9_7.5.x86_64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.aarch64",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.i686",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.ppc64le",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.s390x",
"CRB-9.7.0.Z.MAIN:libwinpr-devel-2:2.11.7-1.el9_7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages"
}
]
}
SUSE-SU-2026:1160-1
Vulnerability from csaf_suse - Published: 2026-03-31 15:03 - Updated: 2026-03-31 15:03Summary
Security update for freerdp
Severity
Important
Notes
Title of the patch: Security update for freerdp
Description of the patch: This update for freerdp fixes the following issues:
- CVE-2026-26271: Buffer Overread in FreeRDP Icon Processing (bsc#1258979).
- CVE-2026-26955: Out-of-bounds Write in freerdp (bsc#1258982).
- CVE-2026-26965: Out-of-bounds Write in freerdp (bsc#1258985).
- CVE-2026-31806: improper validation of server messages can lead to a heap buffer overflow and arbitrary code execution
(bsc#1259653).
- CVE-2026-31883: crafted RDPSND audio format and wave data can cause a heap buffer overflow write (bsc#1259679).
- CVE-2026-31885: unchecked predictor can lead to an out-of-bounds read (bsc#1259686).
Patchnames: SUSE-2026-1160,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1160,openSUSE-SLE-15.6-2026-1160
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.3 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.1 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for freerdp",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for freerdp fixes the following issues:\n\n- CVE-2026-26271: Buffer Overread in FreeRDP Icon Processing (bsc#1258979).\n- CVE-2026-26955: Out-of-bounds Write in freerdp (bsc#1258982).\n- CVE-2026-26965: Out-of-bounds Write in freerdp (bsc#1258985).\n- CVE-2026-31806: improper validation of server messages can lead to a heap buffer overflow and arbitrary code execution\n (bsc#1259653).\n- CVE-2026-31883: crafted RDPSND audio format and wave data can cause a heap buffer overflow write (bsc#1259679).\n- CVE-2026-31885: unchecked predictor can lead to an out-of-bounds read (bsc#1259686).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-1160,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1160,openSUSE-SLE-15.6-2026-1160",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_1160-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:1160-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261160-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:1160-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-March/045202.html"
},
{
"category": "self",
"summary": "SUSE Bug 1258979",
"url": "https://bugzilla.suse.com/1258979"
},
{
"category": "self",
"summary": "SUSE Bug 1258982",
"url": "https://bugzilla.suse.com/1258982"
},
{
"category": "self",
"summary": "SUSE Bug 1258985",
"url": "https://bugzilla.suse.com/1258985"
},
{
"category": "self",
"summary": "SUSE Bug 1259653",
"url": "https://bugzilla.suse.com/1259653"
},
{
"category": "self",
"summary": "SUSE Bug 1259679",
"url": "https://bugzilla.suse.com/1259679"
},
{
"category": "self",
"summary": "SUSE Bug 1259686",
"url": "https://bugzilla.suse.com/1259686"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-26271 page",
"url": "https://www.suse.com/security/cve/CVE-2026-26271/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-26955 page",
"url": "https://www.suse.com/security/cve/CVE-2026-26955/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-26965 page",
"url": "https://www.suse.com/security/cve/CVE-2026-26965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31806 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31806/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31883 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31885 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31885/"
}
],
"title": "Security update for freerdp",
"tracking": {
"current_release_date": "2026-03-31T15:03:59Z",
"generator": {
"date": "2026-03-31T15:03:59Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:1160-1",
"initial_release_date": "2026-03-31T15:03:59Z",
"revision_history": [
{
"date": "2026-03-31T15:03:59Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2.11.2-150600.4.18.1.aarch64",
"product": {
"name": "freerdp-2.11.2-150600.4.18.1.aarch64",
"product_id": "freerdp-2.11.2-150600.4.18.1.aarch64"
}
},
{
"category": "product_version",
"name": "freerdp-devel-2.11.2-150600.4.18.1.aarch64",
"product": {
"name": "freerdp-devel-2.11.2-150600.4.18.1.aarch64",
"product_id": "freerdp-devel-2.11.2-150600.4.18.1.aarch64"
}
},
{
"category": "product_version",
"name": "freerdp-proxy-2.11.2-150600.4.18.1.aarch64",
"product": {
"name": "freerdp-proxy-2.11.2-150600.4.18.1.aarch64",
"product_id": "freerdp-proxy-2.11.2-150600.4.18.1.aarch64"
}
},
{
"category": "product_version",
"name": "freerdp-server-2.11.2-150600.4.18.1.aarch64",
"product": {
"name": "freerdp-server-2.11.2-150600.4.18.1.aarch64",
"product_id": "freerdp-server-2.11.2-150600.4.18.1.aarch64"
}
},
{
"category": "product_version",
"name": "freerdp-wayland-2.11.2-150600.4.18.1.aarch64",
"product": {
"name": "freerdp-wayland-2.11.2-150600.4.18.1.aarch64",
"product_id": "freerdp-wayland-2.11.2-150600.4.18.1.aarch64"
}
},
{
"category": "product_version",
"name": "libfreerdp2-2-2.11.2-150600.4.18.1.aarch64",
"product": {
"name": "libfreerdp2-2-2.11.2-150600.4.18.1.aarch64",
"product_id": "libfreerdp2-2-2.11.2-150600.4.18.1.aarch64"
}
},
{
"category": "product_version",
"name": "libuwac0-0-2.11.2-150600.4.18.1.aarch64",
"product": {
"name": "libuwac0-0-2.11.2-150600.4.18.1.aarch64",
"product_id": "libuwac0-0-2.11.2-150600.4.18.1.aarch64"
}
},
{
"category": "product_version",
"name": "libwinpr2-2-2.11.2-150600.4.18.1.aarch64",
"product": {
"name": "libwinpr2-2-2.11.2-150600.4.18.1.aarch64",
"product_id": "libwinpr2-2-2.11.2-150600.4.18.1.aarch64"
}
},
{
"category": "product_version",
"name": "uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"product": {
"name": "uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"product_id": "uwac0-0-devel-2.11.2-150600.4.18.1.aarch64"
}
},
{
"category": "product_version",
"name": "winpr-devel-2.11.2-150600.4.18.1.aarch64",
"product": {
"name": "winpr-devel-2.11.2-150600.4.18.1.aarch64",
"product_id": "winpr-devel-2.11.2-150600.4.18.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2.11.2-150600.4.18.1.i586",
"product": {
"name": "freerdp-2.11.2-150600.4.18.1.i586",
"product_id": "freerdp-2.11.2-150600.4.18.1.i586"
}
},
{
"category": "product_version",
"name": "freerdp-devel-2.11.2-150600.4.18.1.i586",
"product": {
"name": "freerdp-devel-2.11.2-150600.4.18.1.i586",
"product_id": "freerdp-devel-2.11.2-150600.4.18.1.i586"
}
},
{
"category": "product_version",
"name": "freerdp-proxy-2.11.2-150600.4.18.1.i586",
"product": {
"name": "freerdp-proxy-2.11.2-150600.4.18.1.i586",
"product_id": "freerdp-proxy-2.11.2-150600.4.18.1.i586"
}
},
{
"category": "product_version",
"name": "freerdp-server-2.11.2-150600.4.18.1.i586",
"product": {
"name": "freerdp-server-2.11.2-150600.4.18.1.i586",
"product_id": "freerdp-server-2.11.2-150600.4.18.1.i586"
}
},
{
"category": "product_version",
"name": "freerdp-wayland-2.11.2-150600.4.18.1.i586",
"product": {
"name": "freerdp-wayland-2.11.2-150600.4.18.1.i586",
"product_id": "freerdp-wayland-2.11.2-150600.4.18.1.i586"
}
},
{
"category": "product_version",
"name": "libfreerdp2-2-2.11.2-150600.4.18.1.i586",
"product": {
"name": "libfreerdp2-2-2.11.2-150600.4.18.1.i586",
"product_id": "libfreerdp2-2-2.11.2-150600.4.18.1.i586"
}
},
{
"category": "product_version",
"name": "libuwac0-0-2.11.2-150600.4.18.1.i586",
"product": {
"name": "libuwac0-0-2.11.2-150600.4.18.1.i586",
"product_id": "libuwac0-0-2.11.2-150600.4.18.1.i586"
}
},
{
"category": "product_version",
"name": "libwinpr2-2-2.11.2-150600.4.18.1.i586",
"product": {
"name": "libwinpr2-2-2.11.2-150600.4.18.1.i586",
"product_id": "libwinpr2-2-2.11.2-150600.4.18.1.i586"
}
},
{
"category": "product_version",
"name": "uwac0-0-devel-2.11.2-150600.4.18.1.i586",
"product": {
"name": "uwac0-0-devel-2.11.2-150600.4.18.1.i586",
"product_id": "uwac0-0-devel-2.11.2-150600.4.18.1.i586"
}
},
{
"category": "product_version",
"name": "winpr-devel-2.11.2-150600.4.18.1.i586",
"product": {
"name": "winpr-devel-2.11.2-150600.4.18.1.i586",
"product_id": "winpr-devel-2.11.2-150600.4.18.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2.11.2-150600.4.18.1.ppc64le",
"product": {
"name": "freerdp-2.11.2-150600.4.18.1.ppc64le",
"product_id": "freerdp-2.11.2-150600.4.18.1.ppc64le"
}
},
{
"category": "product_version",
"name": "freerdp-devel-2.11.2-150600.4.18.1.ppc64le",
"product": {
"name": "freerdp-devel-2.11.2-150600.4.18.1.ppc64le",
"product_id": "freerdp-devel-2.11.2-150600.4.18.1.ppc64le"
}
},
{
"category": "product_version",
"name": "freerdp-proxy-2.11.2-150600.4.18.1.ppc64le",
"product": {
"name": "freerdp-proxy-2.11.2-150600.4.18.1.ppc64le",
"product_id": "freerdp-proxy-2.11.2-150600.4.18.1.ppc64le"
}
},
{
"category": "product_version",
"name": "freerdp-server-2.11.2-150600.4.18.1.ppc64le",
"product": {
"name": "freerdp-server-2.11.2-150600.4.18.1.ppc64le",
"product_id": "freerdp-server-2.11.2-150600.4.18.1.ppc64le"
}
},
{
"category": "product_version",
"name": "freerdp-wayland-2.11.2-150600.4.18.1.ppc64le",
"product": {
"name": "freerdp-wayland-2.11.2-150600.4.18.1.ppc64le",
"product_id": "freerdp-wayland-2.11.2-150600.4.18.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libfreerdp2-2-2.11.2-150600.4.18.1.ppc64le",
"product": {
"name": "libfreerdp2-2-2.11.2-150600.4.18.1.ppc64le",
"product_id": "libfreerdp2-2-2.11.2-150600.4.18.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libuwac0-0-2.11.2-150600.4.18.1.ppc64le",
"product": {
"name": "libuwac0-0-2.11.2-150600.4.18.1.ppc64le",
"product_id": "libuwac0-0-2.11.2-150600.4.18.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libwinpr2-2-2.11.2-150600.4.18.1.ppc64le",
"product": {
"name": "libwinpr2-2-2.11.2-150600.4.18.1.ppc64le",
"product_id": "libwinpr2-2-2.11.2-150600.4.18.1.ppc64le"
}
},
{
"category": "product_version",
"name": "uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"product": {
"name": "uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"product_id": "uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le"
}
},
{
"category": "product_version",
"name": "winpr-devel-2.11.2-150600.4.18.1.ppc64le",
"product": {
"name": "winpr-devel-2.11.2-150600.4.18.1.ppc64le",
"product_id": "winpr-devel-2.11.2-150600.4.18.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2.11.2-150600.4.18.1.s390x",
"product": {
"name": "freerdp-2.11.2-150600.4.18.1.s390x",
"product_id": "freerdp-2.11.2-150600.4.18.1.s390x"
}
},
{
"category": "product_version",
"name": "freerdp-devel-2.11.2-150600.4.18.1.s390x",
"product": {
"name": "freerdp-devel-2.11.2-150600.4.18.1.s390x",
"product_id": "freerdp-devel-2.11.2-150600.4.18.1.s390x"
}
},
{
"category": "product_version",
"name": "freerdp-proxy-2.11.2-150600.4.18.1.s390x",
"product": {
"name": "freerdp-proxy-2.11.2-150600.4.18.1.s390x",
"product_id": "freerdp-proxy-2.11.2-150600.4.18.1.s390x"
}
},
{
"category": "product_version",
"name": "freerdp-server-2.11.2-150600.4.18.1.s390x",
"product": {
"name": "freerdp-server-2.11.2-150600.4.18.1.s390x",
"product_id": "freerdp-server-2.11.2-150600.4.18.1.s390x"
}
},
{
"category": "product_version",
"name": "freerdp-wayland-2.11.2-150600.4.18.1.s390x",
"product": {
"name": "freerdp-wayland-2.11.2-150600.4.18.1.s390x",
"product_id": "freerdp-wayland-2.11.2-150600.4.18.1.s390x"
}
},
{
"category": "product_version",
"name": "libfreerdp2-2-2.11.2-150600.4.18.1.s390x",
"product": {
"name": "libfreerdp2-2-2.11.2-150600.4.18.1.s390x",
"product_id": "libfreerdp2-2-2.11.2-150600.4.18.1.s390x"
}
},
{
"category": "product_version",
"name": "libuwac0-0-2.11.2-150600.4.18.1.s390x",
"product": {
"name": "libuwac0-0-2.11.2-150600.4.18.1.s390x",
"product_id": "libuwac0-0-2.11.2-150600.4.18.1.s390x"
}
},
{
"category": "product_version",
"name": "libwinpr2-2-2.11.2-150600.4.18.1.s390x",
"product": {
"name": "libwinpr2-2-2.11.2-150600.4.18.1.s390x",
"product_id": "libwinpr2-2-2.11.2-150600.4.18.1.s390x"
}
},
{
"category": "product_version",
"name": "uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"product": {
"name": "uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"product_id": "uwac0-0-devel-2.11.2-150600.4.18.1.s390x"
}
},
{
"category": "product_version",
"name": "winpr-devel-2.11.2-150600.4.18.1.s390x",
"product": {
"name": "winpr-devel-2.11.2-150600.4.18.1.s390x",
"product_id": "winpr-devel-2.11.2-150600.4.18.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2.11.2-150600.4.18.1.x86_64",
"product": {
"name": "freerdp-2.11.2-150600.4.18.1.x86_64",
"product_id": "freerdp-2.11.2-150600.4.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "freerdp-devel-2.11.2-150600.4.18.1.x86_64",
"product": {
"name": "freerdp-devel-2.11.2-150600.4.18.1.x86_64",
"product_id": "freerdp-devel-2.11.2-150600.4.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "freerdp-proxy-2.11.2-150600.4.18.1.x86_64",
"product": {
"name": "freerdp-proxy-2.11.2-150600.4.18.1.x86_64",
"product_id": "freerdp-proxy-2.11.2-150600.4.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "freerdp-server-2.11.2-150600.4.18.1.x86_64",
"product": {
"name": "freerdp-server-2.11.2-150600.4.18.1.x86_64",
"product_id": "freerdp-server-2.11.2-150600.4.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "freerdp-wayland-2.11.2-150600.4.18.1.x86_64",
"product": {
"name": "freerdp-wayland-2.11.2-150600.4.18.1.x86_64",
"product_id": "freerdp-wayland-2.11.2-150600.4.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "libfreerdp2-2-2.11.2-150600.4.18.1.x86_64",
"product": {
"name": "libfreerdp2-2-2.11.2-150600.4.18.1.x86_64",
"product_id": "libfreerdp2-2-2.11.2-150600.4.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "libuwac0-0-2.11.2-150600.4.18.1.x86_64",
"product": {
"name": "libuwac0-0-2.11.2-150600.4.18.1.x86_64",
"product_id": "libuwac0-0-2.11.2-150600.4.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwinpr2-2-2.11.2-150600.4.18.1.x86_64",
"product": {
"name": "libwinpr2-2-2.11.2-150600.4.18.1.x86_64",
"product_id": "libwinpr2-2-2.11.2-150600.4.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "uwac0-0-devel-2.11.2-150600.4.18.1.x86_64",
"product": {
"name": "uwac0-0-devel-2.11.2-150600.4.18.1.x86_64",
"product_id": "uwac0-0-devel-2.11.2-150600.4.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "winpr-devel-2.11.2-150600.4.18.1.x86_64",
"product": {
"name": "winpr-devel-2.11.2-150600.4.18.1.x86_64",
"product_id": "winpr-devel-2.11.2-150600.4.18.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp7"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "uwac0-0-devel-2.11.2-150600.4.18.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64"
},
"product_reference": "uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le"
},
"product_reference": "uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "uwac0-0-devel-2.11.2-150600.4.18.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.s390x"
},
"product_reference": "uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2.11.2-150600.4.18.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.aarch64"
},
"product_reference": "freerdp-2.11.2-150600.4.18.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2.11.2-150600.4.18.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.ppc64le"
},
"product_reference": "freerdp-2.11.2-150600.4.18.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2.11.2-150600.4.18.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.s390x"
},
"product_reference": "freerdp-2.11.2-150600.4.18.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2.11.2-150600.4.18.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.x86_64"
},
"product_reference": "freerdp-2.11.2-150600.4.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2.11.2-150600.4.18.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.aarch64"
},
"product_reference": "freerdp-devel-2.11.2-150600.4.18.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2.11.2-150600.4.18.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.ppc64le"
},
"product_reference": "freerdp-devel-2.11.2-150600.4.18.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2.11.2-150600.4.18.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.s390x"
},
"product_reference": "freerdp-devel-2.11.2-150600.4.18.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2.11.2-150600.4.18.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.x86_64"
},
"product_reference": "freerdp-devel-2.11.2-150600.4.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-proxy-2.11.2-150600.4.18.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.aarch64"
},
"product_reference": "freerdp-proxy-2.11.2-150600.4.18.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-proxy-2.11.2-150600.4.18.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.ppc64le"
},
"product_reference": "freerdp-proxy-2.11.2-150600.4.18.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-proxy-2.11.2-150600.4.18.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.s390x"
},
"product_reference": "freerdp-proxy-2.11.2-150600.4.18.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-proxy-2.11.2-150600.4.18.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.x86_64"
},
"product_reference": "freerdp-proxy-2.11.2-150600.4.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-2.11.2-150600.4.18.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.aarch64"
},
"product_reference": "freerdp-server-2.11.2-150600.4.18.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-2.11.2-150600.4.18.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.ppc64le"
},
"product_reference": "freerdp-server-2.11.2-150600.4.18.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-2.11.2-150600.4.18.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.s390x"
},
"product_reference": "freerdp-server-2.11.2-150600.4.18.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-server-2.11.2-150600.4.18.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.x86_64"
},
"product_reference": "freerdp-server-2.11.2-150600.4.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-wayland-2.11.2-150600.4.18.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.aarch64"
},
"product_reference": "freerdp-wayland-2.11.2-150600.4.18.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-wayland-2.11.2-150600.4.18.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.ppc64le"
},
"product_reference": "freerdp-wayland-2.11.2-150600.4.18.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-wayland-2.11.2-150600.4.18.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.s390x"
},
"product_reference": "freerdp-wayland-2.11.2-150600.4.18.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-wayland-2.11.2-150600.4.18.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.x86_64"
},
"product_reference": "freerdp-wayland-2.11.2-150600.4.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreerdp2-2-2.11.2-150600.4.18.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.aarch64"
},
"product_reference": "libfreerdp2-2-2.11.2-150600.4.18.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreerdp2-2-2.11.2-150600.4.18.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.ppc64le"
},
"product_reference": "libfreerdp2-2-2.11.2-150600.4.18.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreerdp2-2-2.11.2-150600.4.18.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.s390x"
},
"product_reference": "libfreerdp2-2-2.11.2-150600.4.18.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreerdp2-2-2.11.2-150600.4.18.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.x86_64"
},
"product_reference": "libfreerdp2-2-2.11.2-150600.4.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libuwac0-0-2.11.2-150600.4.18.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.aarch64"
},
"product_reference": "libuwac0-0-2.11.2-150600.4.18.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libuwac0-0-2.11.2-150600.4.18.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.ppc64le"
},
"product_reference": "libuwac0-0-2.11.2-150600.4.18.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libuwac0-0-2.11.2-150600.4.18.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.s390x"
},
"product_reference": "libuwac0-0-2.11.2-150600.4.18.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libuwac0-0-2.11.2-150600.4.18.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.x86_64"
},
"product_reference": "libuwac0-0-2.11.2-150600.4.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr2-2-2.11.2-150600.4.18.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.aarch64"
},
"product_reference": "libwinpr2-2-2.11.2-150600.4.18.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr2-2-2.11.2-150600.4.18.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.ppc64le"
},
"product_reference": "libwinpr2-2-2.11.2-150600.4.18.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr2-2-2.11.2-150600.4.18.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.s390x"
},
"product_reference": "libwinpr2-2-2.11.2-150600.4.18.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr2-2-2.11.2-150600.4.18.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.x86_64"
},
"product_reference": "libwinpr2-2-2.11.2-150600.4.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "uwac0-0-devel-2.11.2-150600.4.18.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64"
},
"product_reference": "uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le"
},
"product_reference": "uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "uwac0-0-devel-2.11.2-150600.4.18.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.s390x"
},
"product_reference": "uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "uwac0-0-devel-2.11.2-150600.4.18.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.x86_64"
},
"product_reference": "uwac0-0-devel-2.11.2-150600.4.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "winpr-devel-2.11.2-150600.4.18.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.aarch64"
},
"product_reference": "winpr-devel-2.11.2-150600.4.18.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "winpr-devel-2.11.2-150600.4.18.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.ppc64le"
},
"product_reference": "winpr-devel-2.11.2-150600.4.18.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "winpr-devel-2.11.2-150600.4.18.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.s390x"
},
"product_reference": "winpr-devel-2.11.2-150600.4.18.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "winpr-devel-2.11.2-150600.4.18.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.x86_64"
},
"product_reference": "winpr-devel-2.11.2-150600.4.18.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-26271",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-26271"
}
],
"notes": [
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a buffer overread in `freerdp_image_copy_from_icon_data()` (libfreerdp/codec/color.c) can be triggered by crafted RDP Window Icon (TS_ICON_INFO) data. The bug is reachable over the network when a client processes icon data from an RDP server (or from a man-in-the-middle). Version 3.23.0 fixes the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-26271",
"url": "https://www.suse.com/security/cve/CVE-2026-26271"
},
{
"category": "external",
"summary": "SUSE Bug 1258979 for CVE-2026-26271",
"url": "https://bugzilla.suse.com/1258979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-31T15:03:59Z",
"details": "moderate"
}
],
"title": "CVE-2026-26271"
},
{
"cve": "CVE-2026-26955",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-26955"
}
],
"notes": [
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP server can trigger a heap buffer overflow in FreeRDP clients using the GDI surface pipeline (e.g., `xfreerdp`) by sending an RDPGFX ClearCodec surface command with an out-of-bounds destination rectangle. The `gdi_SurfaceCommand_ClearCodec()` handler does not call `is_within_surface()` to validate the command rectangle against the destination surface dimensions, allowing attacker-controlled `cmd-\u003eleft`/`cmd-\u003etop` (and subcodec rectangle offsets) to reach image copy routines that write into `surface-\u003edata` without bounds enforcement. The OOB write corrupts an adjacent `gdiGfxSurface` struct\u0027s `codecs*` pointer with attacker-controlled pixel data, and corruption of `codecs*` is sufficient to reach an indirect function pointer call (`NSC_CONTEXT.decode` at `nsc.c:500`) on a subsequent codec command - full instruction pointer (RIP) control demonstrated in exploitability harness. Users should upgrade to version 3.23.0 to receive a patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-26955",
"url": "https://www.suse.com/security/cve/CVE-2026-26955"
},
{
"category": "external",
"summary": "SUSE Bug 1258982 for CVE-2026-26955",
"url": "https://bugzilla.suse.com/1258982"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-31T15:03:59Z",
"details": "important"
}
],
"title": "CVE-2026-26955"
},
{
"cve": "CVE-2026-26965",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-26965"
}
],
"notes": [
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, in the RLE planar decode path, `planar_decompress_plane_rle()` writes into `pDstData` at `((nYDst+y) * nDstStep) + (4*nXDst) + nChannel` without verifying that `(nYDst+nSrcHeight)` fits in the destination height or that `(nXDst+nSrcWidth)` fits in the destination stride. When `TempFormat != DstFormat`, `pDstData` becomes `planar-\u003epTempData` (sized for the desktop), while `nYDst` is only validated against the **surface** by `is_within_surface()`. A malicious RDP server can exploit this to perform a heap out-of-bounds write with attacker-controlled offset and pixel data on any connecting FreeRDP client. The OOB write reaches up to 132,096 bytes past the temp buffer end, and on the brk heap (desktop \u2264 128x128), an adjacent `NSC_CONTEXT` struct\u0027s `decode` function pointer is overwritten with attacker-controlled pixel data - control-flow-relevant corruption (function pointer overwritten) demonstrated under deterministic heap layout (`nsc-\u003edecode = 0xFF414141FF414141`). Version 3.23.0 fixes the vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-26965",
"url": "https://www.suse.com/security/cve/CVE-2026-26965"
},
{
"category": "external",
"summary": "SUSE Bug 1258985 for CVE-2026-26965",
"url": "https://bugzilla.suse.com/1258985"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-31T15:03:59Z",
"details": "important"
}
],
"title": "CVE-2026-26965"
},
{
"cve": "CVE-2026-31806",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31806"
}
],
"notes": [
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdi_surface_bits() function processes SURFACE_BITS_COMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly validated against the actual desktop dimensions. A malicious RDP server can supply crafted bmp.width and bmp.height values that exceed the expected surface size. Because these values are used during bitmap decoding and memory operations without proper bounds checking, this can lead to a heap buffer overflow. Since the attacker can also control the associated pixel data transmitted by the server, the overflow may be exploitable to overwrite adjacent heap memory. This vulnerability is fixed in 3.24.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31806",
"url": "https://www.suse.com/security/cve/CVE-2026-31806"
},
{
"category": "external",
"summary": "SUSE Bug 1259653 for CVE-2026-31806",
"url": "https://bugzilla.suse.com/1259653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-31T15:03:59Z",
"details": "important"
}
],
"title": "CVE-2026-31806"
},
{
"cve": "CVE-2026-31883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31883"
}
],
"notes": [
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a size_t underflow in the IMA-ADPCM and MS-ADPCM audio decoders leads to heap-buffer-overflow write via the RDPSND audio channel. In libfreerdp/codec/dsp.c, the IMA-ADPCM and MS-ADPCM decoders subtract block header sizes from a size_t variable without checking for underflow. When nBlockAlign (received from the server) is set such that size % block_size == 0 triggers the header parsing at a point where size is smaller than the header (4 or 8 bytes), the subtraction wraps size to ~SIZE_MAX. The while (size \u003e 0) loop then continues for an astronomical number of iterations. This vulnerability is fixed in 3.24.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31883",
"url": "https://www.suse.com/security/cve/CVE-2026-31883"
},
{
"category": "external",
"summary": "SUSE Bug 1259679 for CVE-2026-31883",
"url": "https://bugzilla.suse.com/1259679"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-31T15:03:59Z",
"details": "important"
}
],
"title": "CVE-2026-31883"
},
{
"cve": "CVE-2026-31885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31885"
}
],
"notes": [
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, there is an out-of-bounds read in MS-ADPCM and IMA-ADPCM decoders due to unchecked predictor and step_index values from input data. This vulnerability is fixed in 3.24.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31885",
"url": "https://www.suse.com/security/cve/CVE-2026-31885"
},
{
"category": "external",
"summary": "SUSE Bug 1259686 for CVE-2026-31885",
"url": "https://bugzilla.suse.com/1259686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-proxy-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-server-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:freerdp-wayland-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libfreerdp2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libuwac0-0-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:libwinpr2-2-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:uwac0-0-devel-2.11.2-150600.4.18.1.x86_64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.aarch64",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.ppc64le",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.s390x",
"openSUSE Leap 15.6:winpr-devel-2.11.2-150600.4.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-31T15:03:59Z",
"details": "important"
}
],
"title": "CVE-2026-31885"
}
]
}
SUSE-SU-2026:1129-1
Vulnerability from csaf_suse - Published: 2026-03-27 15:05 - Updated: 2026-03-27 15:05Summary
Security update for freerdp
Severity
Important
Notes
Title of the patch: Security update for freerdp
Description of the patch: This update for freerdp fixes the following issues:
- CVE-2026-26271: Buffer Overread in FreeRDP Icon Processing (bsc#1258979).
- CVE-2026-26955: Out-of-bounds Write in freerdp (bsc#1258982).
- CVE-2026-26965: Out-of-bounds Write in freerdp (bsc#1258985).
- CVE-2026-31806: improper validation of server messages can lead to a heap buffer overflow and arbitrary code execution
(bsc#1259653).
- CVE-2026-31883: crafted RDPSND audio format and wave data can cause a heap buffer overflow write (bsc#1259679).
- CVE-2026-31885: unchecked predictor can lead to an out-of-bounds read (bsc#1259686).
Patchnames: SUSE-2026-1129,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1129
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.3 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.1 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for freerdp",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for freerdp fixes the following issues:\n\n- CVE-2026-26271: Buffer Overread in FreeRDP Icon Processing (bsc#1258979).\n- CVE-2026-26955: Out-of-bounds Write in freerdp (bsc#1258982).\n- CVE-2026-26965: Out-of-bounds Write in freerdp (bsc#1258985).\n- CVE-2026-31806: improper validation of server messages can lead to a heap buffer overflow and arbitrary code execution\n (bsc#1259653).\n- CVE-2026-31883: crafted RDPSND audio format and wave data can cause a heap buffer overflow write (bsc#1259679).\n- CVE-2026-31885: unchecked predictor can lead to an out-of-bounds read (bsc#1259686).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-1129,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1129",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_1129-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:1129-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261129-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:1129-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/025021.html"
},
{
"category": "self",
"summary": "SUSE Bug 1258979",
"url": "https://bugzilla.suse.com/1258979"
},
{
"category": "self",
"summary": "SUSE Bug 1258982",
"url": "https://bugzilla.suse.com/1258982"
},
{
"category": "self",
"summary": "SUSE Bug 1258985",
"url": "https://bugzilla.suse.com/1258985"
},
{
"category": "self",
"summary": "SUSE Bug 1259653",
"url": "https://bugzilla.suse.com/1259653"
},
{
"category": "self",
"summary": "SUSE Bug 1259679",
"url": "https://bugzilla.suse.com/1259679"
},
{
"category": "self",
"summary": "SUSE Bug 1259686",
"url": "https://bugzilla.suse.com/1259686"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-26271 page",
"url": "https://www.suse.com/security/cve/CVE-2026-26271/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-26955 page",
"url": "https://www.suse.com/security/cve/CVE-2026-26955/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-26965 page",
"url": "https://www.suse.com/security/cve/CVE-2026-26965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31806 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31806/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31883 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31885 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31885/"
}
],
"title": "Security update for freerdp",
"tracking": {
"current_release_date": "2026-03-27T15:05:09Z",
"generator": {
"date": "2026-03-27T15:05:09Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:1129-1",
"initial_release_date": "2026-03-27T15:05:09Z",
"revision_history": [
{
"date": "2026-03-27T15:05:09Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2.4.0-150400.3.47.1.aarch64",
"product": {
"name": "freerdp-2.4.0-150400.3.47.1.aarch64",
"product_id": "freerdp-2.4.0-150400.3.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "freerdp-devel-2.4.0-150400.3.47.1.aarch64",
"product": {
"name": "freerdp-devel-2.4.0-150400.3.47.1.aarch64",
"product_id": "freerdp-devel-2.4.0-150400.3.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "freerdp-proxy-2.4.0-150400.3.47.1.aarch64",
"product": {
"name": "freerdp-proxy-2.4.0-150400.3.47.1.aarch64",
"product_id": "freerdp-proxy-2.4.0-150400.3.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "freerdp-server-2.4.0-150400.3.47.1.aarch64",
"product": {
"name": "freerdp-server-2.4.0-150400.3.47.1.aarch64",
"product_id": "freerdp-server-2.4.0-150400.3.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "freerdp-wayland-2.4.0-150400.3.47.1.aarch64",
"product": {
"name": "freerdp-wayland-2.4.0-150400.3.47.1.aarch64",
"product_id": "freerdp-wayland-2.4.0-150400.3.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "libfreerdp2-2.4.0-150400.3.47.1.aarch64",
"product": {
"name": "libfreerdp2-2.4.0-150400.3.47.1.aarch64",
"product_id": "libfreerdp2-2.4.0-150400.3.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "libuwac0-0-2.4.0-150400.3.47.1.aarch64",
"product": {
"name": "libuwac0-0-2.4.0-150400.3.47.1.aarch64",
"product_id": "libuwac0-0-2.4.0-150400.3.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "libwinpr2-2.4.0-150400.3.47.1.aarch64",
"product": {
"name": "libwinpr2-2.4.0-150400.3.47.1.aarch64",
"product_id": "libwinpr2-2.4.0-150400.3.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "uwac0-0-devel-2.4.0-150400.3.47.1.aarch64",
"product": {
"name": "uwac0-0-devel-2.4.0-150400.3.47.1.aarch64",
"product_id": "uwac0-0-devel-2.4.0-150400.3.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "winpr2-devel-2.4.0-150400.3.47.1.aarch64",
"product": {
"name": "winpr2-devel-2.4.0-150400.3.47.1.aarch64",
"product_id": "winpr2-devel-2.4.0-150400.3.47.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2.4.0-150400.3.47.1.i586",
"product": {
"name": "freerdp-2.4.0-150400.3.47.1.i586",
"product_id": "freerdp-2.4.0-150400.3.47.1.i586"
}
},
{
"category": "product_version",
"name": "freerdp-devel-2.4.0-150400.3.47.1.i586",
"product": {
"name": "freerdp-devel-2.4.0-150400.3.47.1.i586",
"product_id": "freerdp-devel-2.4.0-150400.3.47.1.i586"
}
},
{
"category": "product_version",
"name": "freerdp-proxy-2.4.0-150400.3.47.1.i586",
"product": {
"name": "freerdp-proxy-2.4.0-150400.3.47.1.i586",
"product_id": "freerdp-proxy-2.4.0-150400.3.47.1.i586"
}
},
{
"category": "product_version",
"name": "freerdp-server-2.4.0-150400.3.47.1.i586",
"product": {
"name": "freerdp-server-2.4.0-150400.3.47.1.i586",
"product_id": "freerdp-server-2.4.0-150400.3.47.1.i586"
}
},
{
"category": "product_version",
"name": "freerdp-wayland-2.4.0-150400.3.47.1.i586",
"product": {
"name": "freerdp-wayland-2.4.0-150400.3.47.1.i586",
"product_id": "freerdp-wayland-2.4.0-150400.3.47.1.i586"
}
},
{
"category": "product_version",
"name": "libfreerdp2-2.4.0-150400.3.47.1.i586",
"product": {
"name": "libfreerdp2-2.4.0-150400.3.47.1.i586",
"product_id": "libfreerdp2-2.4.0-150400.3.47.1.i586"
}
},
{
"category": "product_version",
"name": "libuwac0-0-2.4.0-150400.3.47.1.i586",
"product": {
"name": "libuwac0-0-2.4.0-150400.3.47.1.i586",
"product_id": "libuwac0-0-2.4.0-150400.3.47.1.i586"
}
},
{
"category": "product_version",
"name": "libwinpr2-2.4.0-150400.3.47.1.i586",
"product": {
"name": "libwinpr2-2.4.0-150400.3.47.1.i586",
"product_id": "libwinpr2-2.4.0-150400.3.47.1.i586"
}
},
{
"category": "product_version",
"name": "uwac0-0-devel-2.4.0-150400.3.47.1.i586",
"product": {
"name": "uwac0-0-devel-2.4.0-150400.3.47.1.i586",
"product_id": "uwac0-0-devel-2.4.0-150400.3.47.1.i586"
}
},
{
"category": "product_version",
"name": "winpr2-devel-2.4.0-150400.3.47.1.i586",
"product": {
"name": "winpr2-devel-2.4.0-150400.3.47.1.i586",
"product_id": "winpr2-devel-2.4.0-150400.3.47.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2.4.0-150400.3.47.1.ppc64le",
"product": {
"name": "freerdp-2.4.0-150400.3.47.1.ppc64le",
"product_id": "freerdp-2.4.0-150400.3.47.1.ppc64le"
}
},
{
"category": "product_version",
"name": "freerdp-devel-2.4.0-150400.3.47.1.ppc64le",
"product": {
"name": "freerdp-devel-2.4.0-150400.3.47.1.ppc64le",
"product_id": "freerdp-devel-2.4.0-150400.3.47.1.ppc64le"
}
},
{
"category": "product_version",
"name": "freerdp-proxy-2.4.0-150400.3.47.1.ppc64le",
"product": {
"name": "freerdp-proxy-2.4.0-150400.3.47.1.ppc64le",
"product_id": "freerdp-proxy-2.4.0-150400.3.47.1.ppc64le"
}
},
{
"category": "product_version",
"name": "freerdp-server-2.4.0-150400.3.47.1.ppc64le",
"product": {
"name": "freerdp-server-2.4.0-150400.3.47.1.ppc64le",
"product_id": "freerdp-server-2.4.0-150400.3.47.1.ppc64le"
}
},
{
"category": "product_version",
"name": "freerdp-wayland-2.4.0-150400.3.47.1.ppc64le",
"product": {
"name": "freerdp-wayland-2.4.0-150400.3.47.1.ppc64le",
"product_id": "freerdp-wayland-2.4.0-150400.3.47.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libfreerdp2-2.4.0-150400.3.47.1.ppc64le",
"product": {
"name": "libfreerdp2-2.4.0-150400.3.47.1.ppc64le",
"product_id": "libfreerdp2-2.4.0-150400.3.47.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libuwac0-0-2.4.0-150400.3.47.1.ppc64le",
"product": {
"name": "libuwac0-0-2.4.0-150400.3.47.1.ppc64le",
"product_id": "libuwac0-0-2.4.0-150400.3.47.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libwinpr2-2.4.0-150400.3.47.1.ppc64le",
"product": {
"name": "libwinpr2-2.4.0-150400.3.47.1.ppc64le",
"product_id": "libwinpr2-2.4.0-150400.3.47.1.ppc64le"
}
},
{
"category": "product_version",
"name": "uwac0-0-devel-2.4.0-150400.3.47.1.ppc64le",
"product": {
"name": "uwac0-0-devel-2.4.0-150400.3.47.1.ppc64le",
"product_id": "uwac0-0-devel-2.4.0-150400.3.47.1.ppc64le"
}
},
{
"category": "product_version",
"name": "winpr2-devel-2.4.0-150400.3.47.1.ppc64le",
"product": {
"name": "winpr2-devel-2.4.0-150400.3.47.1.ppc64le",
"product_id": "winpr2-devel-2.4.0-150400.3.47.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2.4.0-150400.3.47.1.s390x",
"product": {
"name": "freerdp-2.4.0-150400.3.47.1.s390x",
"product_id": "freerdp-2.4.0-150400.3.47.1.s390x"
}
},
{
"category": "product_version",
"name": "freerdp-devel-2.4.0-150400.3.47.1.s390x",
"product": {
"name": "freerdp-devel-2.4.0-150400.3.47.1.s390x",
"product_id": "freerdp-devel-2.4.0-150400.3.47.1.s390x"
}
},
{
"category": "product_version",
"name": "freerdp-proxy-2.4.0-150400.3.47.1.s390x",
"product": {
"name": "freerdp-proxy-2.4.0-150400.3.47.1.s390x",
"product_id": "freerdp-proxy-2.4.0-150400.3.47.1.s390x"
}
},
{
"category": "product_version",
"name": "freerdp-server-2.4.0-150400.3.47.1.s390x",
"product": {
"name": "freerdp-server-2.4.0-150400.3.47.1.s390x",
"product_id": "freerdp-server-2.4.0-150400.3.47.1.s390x"
}
},
{
"category": "product_version",
"name": "freerdp-wayland-2.4.0-150400.3.47.1.s390x",
"product": {
"name": "freerdp-wayland-2.4.0-150400.3.47.1.s390x",
"product_id": "freerdp-wayland-2.4.0-150400.3.47.1.s390x"
}
},
{
"category": "product_version",
"name": "libfreerdp2-2.4.0-150400.3.47.1.s390x",
"product": {
"name": "libfreerdp2-2.4.0-150400.3.47.1.s390x",
"product_id": "libfreerdp2-2.4.0-150400.3.47.1.s390x"
}
},
{
"category": "product_version",
"name": "libuwac0-0-2.4.0-150400.3.47.1.s390x",
"product": {
"name": "libuwac0-0-2.4.0-150400.3.47.1.s390x",
"product_id": "libuwac0-0-2.4.0-150400.3.47.1.s390x"
}
},
{
"category": "product_version",
"name": "libwinpr2-2.4.0-150400.3.47.1.s390x",
"product": {
"name": "libwinpr2-2.4.0-150400.3.47.1.s390x",
"product_id": "libwinpr2-2.4.0-150400.3.47.1.s390x"
}
},
{
"category": "product_version",
"name": "uwac0-0-devel-2.4.0-150400.3.47.1.s390x",
"product": {
"name": "uwac0-0-devel-2.4.0-150400.3.47.1.s390x",
"product_id": "uwac0-0-devel-2.4.0-150400.3.47.1.s390x"
}
},
{
"category": "product_version",
"name": "winpr2-devel-2.4.0-150400.3.47.1.s390x",
"product": {
"name": "winpr2-devel-2.4.0-150400.3.47.1.s390x",
"product_id": "winpr2-devel-2.4.0-150400.3.47.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2.4.0-150400.3.47.1.x86_64",
"product": {
"name": "freerdp-2.4.0-150400.3.47.1.x86_64",
"product_id": "freerdp-2.4.0-150400.3.47.1.x86_64"
}
},
{
"category": "product_version",
"name": "freerdp-devel-2.4.0-150400.3.47.1.x86_64",
"product": {
"name": "freerdp-devel-2.4.0-150400.3.47.1.x86_64",
"product_id": "freerdp-devel-2.4.0-150400.3.47.1.x86_64"
}
},
{
"category": "product_version",
"name": "freerdp-proxy-2.4.0-150400.3.47.1.x86_64",
"product": {
"name": "freerdp-proxy-2.4.0-150400.3.47.1.x86_64",
"product_id": "freerdp-proxy-2.4.0-150400.3.47.1.x86_64"
}
},
{
"category": "product_version",
"name": "freerdp-server-2.4.0-150400.3.47.1.x86_64",
"product": {
"name": "freerdp-server-2.4.0-150400.3.47.1.x86_64",
"product_id": "freerdp-server-2.4.0-150400.3.47.1.x86_64"
}
},
{
"category": "product_version",
"name": "freerdp-wayland-2.4.0-150400.3.47.1.x86_64",
"product": {
"name": "freerdp-wayland-2.4.0-150400.3.47.1.x86_64",
"product_id": "freerdp-wayland-2.4.0-150400.3.47.1.x86_64"
}
},
{
"category": "product_version",
"name": "libfreerdp2-2.4.0-150400.3.47.1.x86_64",
"product": {
"name": "libfreerdp2-2.4.0-150400.3.47.1.x86_64",
"product_id": "libfreerdp2-2.4.0-150400.3.47.1.x86_64"
}
},
{
"category": "product_version",
"name": "libuwac0-0-2.4.0-150400.3.47.1.x86_64",
"product": {
"name": "libuwac0-0-2.4.0-150400.3.47.1.x86_64",
"product_id": "libuwac0-0-2.4.0-150400.3.47.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwinpr2-2.4.0-150400.3.47.1.x86_64",
"product": {
"name": "libwinpr2-2.4.0-150400.3.47.1.x86_64",
"product_id": "libwinpr2-2.4.0-150400.3.47.1.x86_64"
}
},
{
"category": "product_version",
"name": "uwac0-0-devel-2.4.0-150400.3.47.1.x86_64",
"product": {
"name": "uwac0-0-devel-2.4.0-150400.3.47.1.x86_64",
"product_id": "uwac0-0-devel-2.4.0-150400.3.47.1.x86_64"
}
},
{
"category": "product_version",
"name": "winpr2-devel-2.4.0-150400.3.47.1.x86_64",
"product": {
"name": "winpr2-devel-2.4.0-150400.3.47.1.x86_64",
"product_id": "winpr2-devel-2.4.0-150400.3.47.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreerdp2-2.4.0-150400.3.47.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.aarch64"
},
"product_reference": "libfreerdp2-2.4.0-150400.3.47.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreerdp2-2.4.0-150400.3.47.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.ppc64le"
},
"product_reference": "libfreerdp2-2.4.0-150400.3.47.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreerdp2-2.4.0-150400.3.47.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.s390x"
},
"product_reference": "libfreerdp2-2.4.0-150400.3.47.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr2-2.4.0-150400.3.47.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.aarch64"
},
"product_reference": "libwinpr2-2.4.0-150400.3.47.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr2-2.4.0-150400.3.47.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.ppc64le"
},
"product_reference": "libwinpr2-2.4.0-150400.3.47.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr2-2.4.0-150400.3.47.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.s390x"
},
"product_reference": "libwinpr2-2.4.0-150400.3.47.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-26271",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-26271"
}
],
"notes": [
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a buffer overread in `freerdp_image_copy_from_icon_data()` (libfreerdp/codec/color.c) can be triggered by crafted RDP Window Icon (TS_ICON_INFO) data. The bug is reachable over the network when a client processes icon data from an RDP server (or from a man-in-the-middle). Version 3.23.0 fixes the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.s390x"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-26271",
"url": "https://www.suse.com/security/cve/CVE-2026-26271"
},
{
"category": "external",
"summary": "SUSE Bug 1258979 for CVE-2026-26271",
"url": "https://bugzilla.suse.com/1258979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.s390x"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-27T15:05:09Z",
"details": "moderate"
}
],
"title": "CVE-2026-26271"
},
{
"cve": "CVE-2026-26955",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-26955"
}
],
"notes": [
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP server can trigger a heap buffer overflow in FreeRDP clients using the GDI surface pipeline (e.g., `xfreerdp`) by sending an RDPGFX ClearCodec surface command with an out-of-bounds destination rectangle. The `gdi_SurfaceCommand_ClearCodec()` handler does not call `is_within_surface()` to validate the command rectangle against the destination surface dimensions, allowing attacker-controlled `cmd-\u003eleft`/`cmd-\u003etop` (and subcodec rectangle offsets) to reach image copy routines that write into `surface-\u003edata` without bounds enforcement. The OOB write corrupts an adjacent `gdiGfxSurface` struct\u0027s `codecs*` pointer with attacker-controlled pixel data, and corruption of `codecs*` is sufficient to reach an indirect function pointer call (`NSC_CONTEXT.decode` at `nsc.c:500`) on a subsequent codec command - full instruction pointer (RIP) control demonstrated in exploitability harness. Users should upgrade to version 3.23.0 to receive a patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.s390x"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-26955",
"url": "https://www.suse.com/security/cve/CVE-2026-26955"
},
{
"category": "external",
"summary": "SUSE Bug 1258982 for CVE-2026-26955",
"url": "https://bugzilla.suse.com/1258982"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.s390x"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-27T15:05:09Z",
"details": "important"
}
],
"title": "CVE-2026-26955"
},
{
"cve": "CVE-2026-26965",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-26965"
}
],
"notes": [
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, in the RLE planar decode path, `planar_decompress_plane_rle()` writes into `pDstData` at `((nYDst+y) * nDstStep) + (4*nXDst) + nChannel` without verifying that `(nYDst+nSrcHeight)` fits in the destination height or that `(nXDst+nSrcWidth)` fits in the destination stride. When `TempFormat != DstFormat`, `pDstData` becomes `planar-\u003epTempData` (sized for the desktop), while `nYDst` is only validated against the **surface** by `is_within_surface()`. A malicious RDP server can exploit this to perform a heap out-of-bounds write with attacker-controlled offset and pixel data on any connecting FreeRDP client. The OOB write reaches up to 132,096 bytes past the temp buffer end, and on the brk heap (desktop \u2264 128x128), an adjacent `NSC_CONTEXT` struct\u0027s `decode` function pointer is overwritten with attacker-controlled pixel data - control-flow-relevant corruption (function pointer overwritten) demonstrated under deterministic heap layout (`nsc-\u003edecode = 0xFF414141FF414141`). Version 3.23.0 fixes the vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.s390x"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-26965",
"url": "https://www.suse.com/security/cve/CVE-2026-26965"
},
{
"category": "external",
"summary": "SUSE Bug 1258985 for CVE-2026-26965",
"url": "https://bugzilla.suse.com/1258985"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.s390x"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-27T15:05:09Z",
"details": "important"
}
],
"title": "CVE-2026-26965"
},
{
"cve": "CVE-2026-31806",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31806"
}
],
"notes": [
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdi_surface_bits() function processes SURFACE_BITS_COMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly validated against the actual desktop dimensions. A malicious RDP server can supply crafted bmp.width and bmp.height values that exceed the expected surface size. Because these values are used during bitmap decoding and memory operations without proper bounds checking, this can lead to a heap buffer overflow. Since the attacker can also control the associated pixel data transmitted by the server, the overflow may be exploitable to overwrite adjacent heap memory. This vulnerability is fixed in 3.24.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.s390x"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31806",
"url": "https://www.suse.com/security/cve/CVE-2026-31806"
},
{
"category": "external",
"summary": "SUSE Bug 1259653 for CVE-2026-31806",
"url": "https://bugzilla.suse.com/1259653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.s390x"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-27T15:05:09Z",
"details": "important"
}
],
"title": "CVE-2026-31806"
},
{
"cve": "CVE-2026-31883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31883"
}
],
"notes": [
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a size_t underflow in the IMA-ADPCM and MS-ADPCM audio decoders leads to heap-buffer-overflow write via the RDPSND audio channel. In libfreerdp/codec/dsp.c, the IMA-ADPCM and MS-ADPCM decoders subtract block header sizes from a size_t variable without checking for underflow. When nBlockAlign (received from the server) is set such that size % block_size == 0 triggers the header parsing at a point where size is smaller than the header (4 or 8 bytes), the subtraction wraps size to ~SIZE_MAX. The while (size \u003e 0) loop then continues for an astronomical number of iterations. This vulnerability is fixed in 3.24.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.s390x"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31883",
"url": "https://www.suse.com/security/cve/CVE-2026-31883"
},
{
"category": "external",
"summary": "SUSE Bug 1259679 for CVE-2026-31883",
"url": "https://bugzilla.suse.com/1259679"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.s390x"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-27T15:05:09Z",
"details": "important"
}
],
"title": "CVE-2026-31883"
},
{
"cve": "CVE-2026-31885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31885"
}
],
"notes": [
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, there is an out-of-bounds read in MS-ADPCM and IMA-ADPCM decoders due to unchecked predictor and step_index values from input data. This vulnerability is fixed in 3.24.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.s390x"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31885",
"url": "https://www.suse.com/security/cve/CVE-2026-31885"
},
{
"category": "external",
"summary": "SUSE Bug 1259686 for CVE-2026-31885",
"url": "https://bugzilla.suse.com/1259686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libfreerdp2-2.4.0-150400.3.47.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:libwinpr2-2.4.0-150400.3.47.1.s390x"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-27T15:05:09Z",
"details": "important"
}
],
"title": "CVE-2026-31885"
}
]
}
SUSE-SU-2026:1164-1
Vulnerability from csaf_suse - Published: 2026-04-01 13:40 - Updated: 2026-04-01 13:40Summary
Security update for freerdp2
Severity
Important
Notes
Title of the patch: Security update for freerdp2
Description of the patch: This update for freerdp2 fixes the following issues:
- CVE-2026-26271: Buffer Overread in FreeRDP Icon Processing (bsc#1258979).
- CVE-2026-26955: Out-of-bounds Write in freerdp (bsc#1258982).
- CVE-2026-26965: Out-of-bounds Write in freerdp (bsc#1258985).
- CVE-2026-31806: improper validation of server messages can lead to a heap buffer overflow and arbitrary code execution
(bsc#1259653).
- CVE-2026-31883: crafted RDPSND audio format and wave data can cause a heap buffer overflow write (bsc#1259679).
- CVE-2026-31885: unchecked predictor can lead to an out-of-bounds read (bsc#1259686).
Patchnames: SUSE-2026-1164,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1164,SUSE-SLE-Product-WE-15-SP7-2026-1164
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.3 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.1 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for freerdp2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for freerdp2 fixes the following issues:\n\n- CVE-2026-26271: Buffer Overread in FreeRDP Icon Processing (bsc#1258979).\n- CVE-2026-26955: Out-of-bounds Write in freerdp (bsc#1258982).\n- CVE-2026-26965: Out-of-bounds Write in freerdp (bsc#1258985).\n- CVE-2026-31806: improper validation of server messages can lead to a heap buffer overflow and arbitrary code execution\n (bsc#1259653).\n- CVE-2026-31883: crafted RDPSND audio format and wave data can cause a heap buffer overflow write (bsc#1259679).\n- CVE-2026-31885: unchecked predictor can lead to an out-of-bounds read (bsc#1259686).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-1164,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1164,SUSE-SLE-Product-WE-15-SP7-2026-1164",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_1164-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:1164-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261164-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:1164-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-April/045257.html"
},
{
"category": "self",
"summary": "SUSE Bug 1258979",
"url": "https://bugzilla.suse.com/1258979"
},
{
"category": "self",
"summary": "SUSE Bug 1258982",
"url": "https://bugzilla.suse.com/1258982"
},
{
"category": "self",
"summary": "SUSE Bug 1258985",
"url": "https://bugzilla.suse.com/1258985"
},
{
"category": "self",
"summary": "SUSE Bug 1259653",
"url": "https://bugzilla.suse.com/1259653"
},
{
"category": "self",
"summary": "SUSE Bug 1259679",
"url": "https://bugzilla.suse.com/1259679"
},
{
"category": "self",
"summary": "SUSE Bug 1259686",
"url": "https://bugzilla.suse.com/1259686"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-26271 page",
"url": "https://www.suse.com/security/cve/CVE-2026-26271/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-26955 page",
"url": "https://www.suse.com/security/cve/CVE-2026-26955/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-26965 page",
"url": "https://www.suse.com/security/cve/CVE-2026-26965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31806 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31806/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31883 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31885 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31885/"
}
],
"title": "Security update for freerdp2",
"tracking": {
"current_release_date": "2026-04-01T13:40:49Z",
"generator": {
"date": "2026-04-01T13:40:49Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:1164-1",
"initial_release_date": "2026-04-01T13:40:49Z",
"revision_history": [
{
"date": "2026-04-01T13:40:49Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "freerdp2-2.11.7-150700.3.14.1.aarch64",
"product": {
"name": "freerdp2-2.11.7-150700.3.14.1.aarch64",
"product_id": "freerdp2-2.11.7-150700.3.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "freerdp2-devel-2.11.7-150700.3.14.1.aarch64",
"product": {
"name": "freerdp2-devel-2.11.7-150700.3.14.1.aarch64",
"product_id": "freerdp2-devel-2.11.7-150700.3.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "freerdp2-proxy-2.11.7-150700.3.14.1.aarch64",
"product": {
"name": "freerdp2-proxy-2.11.7-150700.3.14.1.aarch64",
"product_id": "freerdp2-proxy-2.11.7-150700.3.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "freerdp2-server-2.11.7-150700.3.14.1.aarch64",
"product": {
"name": "freerdp2-server-2.11.7-150700.3.14.1.aarch64",
"product_id": "freerdp2-server-2.11.7-150700.3.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "libfreerdp2-2-2.11.7-150700.3.14.1.aarch64",
"product": {
"name": "libfreerdp2-2-2.11.7-150700.3.14.1.aarch64",
"product_id": "libfreerdp2-2-2.11.7-150700.3.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "libwinpr2-2-2.11.7-150700.3.14.1.aarch64",
"product": {
"name": "libwinpr2-2-2.11.7-150700.3.14.1.aarch64",
"product_id": "libwinpr2-2-2.11.7-150700.3.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "winpr2-devel-2.11.7-150700.3.14.1.aarch64",
"product": {
"name": "winpr2-devel-2.11.7-150700.3.14.1.aarch64",
"product_id": "winpr2-devel-2.11.7-150700.3.14.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp2-2.11.7-150700.3.14.1.i586",
"product": {
"name": "freerdp2-2.11.7-150700.3.14.1.i586",
"product_id": "freerdp2-2.11.7-150700.3.14.1.i586"
}
},
{
"category": "product_version",
"name": "freerdp2-devel-2.11.7-150700.3.14.1.i586",
"product": {
"name": "freerdp2-devel-2.11.7-150700.3.14.1.i586",
"product_id": "freerdp2-devel-2.11.7-150700.3.14.1.i586"
}
},
{
"category": "product_version",
"name": "freerdp2-proxy-2.11.7-150700.3.14.1.i586",
"product": {
"name": "freerdp2-proxy-2.11.7-150700.3.14.1.i586",
"product_id": "freerdp2-proxy-2.11.7-150700.3.14.1.i586"
}
},
{
"category": "product_version",
"name": "freerdp2-server-2.11.7-150700.3.14.1.i586",
"product": {
"name": "freerdp2-server-2.11.7-150700.3.14.1.i586",
"product_id": "freerdp2-server-2.11.7-150700.3.14.1.i586"
}
},
{
"category": "product_version",
"name": "libfreerdp2-2-2.11.7-150700.3.14.1.i586",
"product": {
"name": "libfreerdp2-2-2.11.7-150700.3.14.1.i586",
"product_id": "libfreerdp2-2-2.11.7-150700.3.14.1.i586"
}
},
{
"category": "product_version",
"name": "libwinpr2-2-2.11.7-150700.3.14.1.i586",
"product": {
"name": "libwinpr2-2-2.11.7-150700.3.14.1.i586",
"product_id": "libwinpr2-2-2.11.7-150700.3.14.1.i586"
}
},
{
"category": "product_version",
"name": "winpr2-devel-2.11.7-150700.3.14.1.i586",
"product": {
"name": "winpr2-devel-2.11.7-150700.3.14.1.i586",
"product_id": "winpr2-devel-2.11.7-150700.3.14.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp2-2.11.7-150700.3.14.1.ppc64le",
"product": {
"name": "freerdp2-2.11.7-150700.3.14.1.ppc64le",
"product_id": "freerdp2-2.11.7-150700.3.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "freerdp2-devel-2.11.7-150700.3.14.1.ppc64le",
"product": {
"name": "freerdp2-devel-2.11.7-150700.3.14.1.ppc64le",
"product_id": "freerdp2-devel-2.11.7-150700.3.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "freerdp2-proxy-2.11.7-150700.3.14.1.ppc64le",
"product": {
"name": "freerdp2-proxy-2.11.7-150700.3.14.1.ppc64le",
"product_id": "freerdp2-proxy-2.11.7-150700.3.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "freerdp2-server-2.11.7-150700.3.14.1.ppc64le",
"product": {
"name": "freerdp2-server-2.11.7-150700.3.14.1.ppc64le",
"product_id": "freerdp2-server-2.11.7-150700.3.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libfreerdp2-2-2.11.7-150700.3.14.1.ppc64le",
"product": {
"name": "libfreerdp2-2-2.11.7-150700.3.14.1.ppc64le",
"product_id": "libfreerdp2-2-2.11.7-150700.3.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libwinpr2-2-2.11.7-150700.3.14.1.ppc64le",
"product": {
"name": "libwinpr2-2-2.11.7-150700.3.14.1.ppc64le",
"product_id": "libwinpr2-2-2.11.7-150700.3.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "winpr2-devel-2.11.7-150700.3.14.1.ppc64le",
"product": {
"name": "winpr2-devel-2.11.7-150700.3.14.1.ppc64le",
"product_id": "winpr2-devel-2.11.7-150700.3.14.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp2-2.11.7-150700.3.14.1.s390x",
"product": {
"name": "freerdp2-2.11.7-150700.3.14.1.s390x",
"product_id": "freerdp2-2.11.7-150700.3.14.1.s390x"
}
},
{
"category": "product_version",
"name": "freerdp2-devel-2.11.7-150700.3.14.1.s390x",
"product": {
"name": "freerdp2-devel-2.11.7-150700.3.14.1.s390x",
"product_id": "freerdp2-devel-2.11.7-150700.3.14.1.s390x"
}
},
{
"category": "product_version",
"name": "freerdp2-proxy-2.11.7-150700.3.14.1.s390x",
"product": {
"name": "freerdp2-proxy-2.11.7-150700.3.14.1.s390x",
"product_id": "freerdp2-proxy-2.11.7-150700.3.14.1.s390x"
}
},
{
"category": "product_version",
"name": "freerdp2-server-2.11.7-150700.3.14.1.s390x",
"product": {
"name": "freerdp2-server-2.11.7-150700.3.14.1.s390x",
"product_id": "freerdp2-server-2.11.7-150700.3.14.1.s390x"
}
},
{
"category": "product_version",
"name": "libfreerdp2-2-2.11.7-150700.3.14.1.s390x",
"product": {
"name": "libfreerdp2-2-2.11.7-150700.3.14.1.s390x",
"product_id": "libfreerdp2-2-2.11.7-150700.3.14.1.s390x"
}
},
{
"category": "product_version",
"name": "libwinpr2-2-2.11.7-150700.3.14.1.s390x",
"product": {
"name": "libwinpr2-2-2.11.7-150700.3.14.1.s390x",
"product_id": "libwinpr2-2-2.11.7-150700.3.14.1.s390x"
}
},
{
"category": "product_version",
"name": "winpr2-devel-2.11.7-150700.3.14.1.s390x",
"product": {
"name": "winpr2-devel-2.11.7-150700.3.14.1.s390x",
"product_id": "winpr2-devel-2.11.7-150700.3.14.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp2-2.11.7-150700.3.14.1.x86_64",
"product": {
"name": "freerdp2-2.11.7-150700.3.14.1.x86_64",
"product_id": "freerdp2-2.11.7-150700.3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "freerdp2-devel-2.11.7-150700.3.14.1.x86_64",
"product": {
"name": "freerdp2-devel-2.11.7-150700.3.14.1.x86_64",
"product_id": "freerdp2-devel-2.11.7-150700.3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "freerdp2-proxy-2.11.7-150700.3.14.1.x86_64",
"product": {
"name": "freerdp2-proxy-2.11.7-150700.3.14.1.x86_64",
"product_id": "freerdp2-proxy-2.11.7-150700.3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "freerdp2-server-2.11.7-150700.3.14.1.x86_64",
"product": {
"name": "freerdp2-server-2.11.7-150700.3.14.1.x86_64",
"product_id": "freerdp2-server-2.11.7-150700.3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "libfreerdp2-2-2.11.7-150700.3.14.1.x86_64",
"product": {
"name": "libfreerdp2-2-2.11.7-150700.3.14.1.x86_64",
"product_id": "libfreerdp2-2-2.11.7-150700.3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwinpr2-2-2.11.7-150700.3.14.1.x86_64",
"product": {
"name": "libwinpr2-2-2.11.7-150700.3.14.1.x86_64",
"product_id": "libwinpr2-2-2.11.7-150700.3.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "winpr2-devel-2.11.7-150700.3.14.1.x86_64",
"product": {
"name": "winpr2-devel-2.11.7-150700.3.14.1.x86_64",
"product_id": "winpr2-devel-2.11.7-150700.3.14.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 15 SP7",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:15:sp7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "winpr2-devel-2.11.7-150700.3.14.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.aarch64"
},
"product_reference": "winpr2-devel-2.11.7-150700.3.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "winpr2-devel-2.11.7-150700.3.14.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.ppc64le"
},
"product_reference": "winpr2-devel-2.11.7-150700.3.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "winpr2-devel-2.11.7-150700.3.14.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.s390x"
},
"product_reference": "winpr2-devel-2.11.7-150700.3.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp2-2.11.7-150700.3.14.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP7",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.14.1.x86_64"
},
"product_reference": "freerdp2-2.11.7-150700.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp2-devel-2.11.7-150700.3.14.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP7",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.14.1.x86_64"
},
"product_reference": "freerdp2-devel-2.11.7-150700.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp2-proxy-2.11.7-150700.3.14.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP7",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.14.1.x86_64"
},
"product_reference": "freerdp2-proxy-2.11.7-150700.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp2-server-2.11.7-150700.3.14.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP7",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.14.1.x86_64"
},
"product_reference": "freerdp2-server-2.11.7-150700.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreerdp2-2-2.11.7-150700.3.14.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP7",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.14.1.x86_64"
},
"product_reference": "libfreerdp2-2-2.11.7-150700.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr2-2-2.11.7-150700.3.14.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP7",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.14.1.x86_64"
},
"product_reference": "libwinpr2-2-2.11.7-150700.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "winpr2-devel-2.11.7-150700.3.14.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP7",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.x86_64"
},
"product_reference": "winpr2-devel-2.11.7-150700.3.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-26271",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-26271"
}
],
"notes": [
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a buffer overread in `freerdp_image_copy_from_icon_data()` (libfreerdp/codec/color.c) can be triggered by crafted RDP Window Icon (TS_ICON_INFO) data. The bug is reachable over the network when a client processes icon data from an RDP server (or from a man-in-the-middle). Version 3.23.0 fixes the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-26271",
"url": "https://www.suse.com/security/cve/CVE-2026-26271"
},
{
"category": "external",
"summary": "SUSE Bug 1258979 for CVE-2026-26271",
"url": "https://bugzilla.suse.com/1258979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-01T13:40:49Z",
"details": "moderate"
}
],
"title": "CVE-2026-26271"
},
{
"cve": "CVE-2026-26955",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-26955"
}
],
"notes": [
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP server can trigger a heap buffer overflow in FreeRDP clients using the GDI surface pipeline (e.g., `xfreerdp`) by sending an RDPGFX ClearCodec surface command with an out-of-bounds destination rectangle. The `gdi_SurfaceCommand_ClearCodec()` handler does not call `is_within_surface()` to validate the command rectangle against the destination surface dimensions, allowing attacker-controlled `cmd-\u003eleft`/`cmd-\u003etop` (and subcodec rectangle offsets) to reach image copy routines that write into `surface-\u003edata` without bounds enforcement. The OOB write corrupts an adjacent `gdiGfxSurface` struct\u0027s `codecs*` pointer with attacker-controlled pixel data, and corruption of `codecs*` is sufficient to reach an indirect function pointer call (`NSC_CONTEXT.decode` at `nsc.c:500`) on a subsequent codec command - full instruction pointer (RIP) control demonstrated in exploitability harness. Users should upgrade to version 3.23.0 to receive a patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-26955",
"url": "https://www.suse.com/security/cve/CVE-2026-26955"
},
{
"category": "external",
"summary": "SUSE Bug 1258982 for CVE-2026-26955",
"url": "https://bugzilla.suse.com/1258982"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-01T13:40:49Z",
"details": "important"
}
],
"title": "CVE-2026-26955"
},
{
"cve": "CVE-2026-26965",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-26965"
}
],
"notes": [
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, in the RLE planar decode path, `planar_decompress_plane_rle()` writes into `pDstData` at `((nYDst+y) * nDstStep) + (4*nXDst) + nChannel` without verifying that `(nYDst+nSrcHeight)` fits in the destination height or that `(nXDst+nSrcWidth)` fits in the destination stride. When `TempFormat != DstFormat`, `pDstData` becomes `planar-\u003epTempData` (sized for the desktop), while `nYDst` is only validated against the **surface** by `is_within_surface()`. A malicious RDP server can exploit this to perform a heap out-of-bounds write with attacker-controlled offset and pixel data on any connecting FreeRDP client. The OOB write reaches up to 132,096 bytes past the temp buffer end, and on the brk heap (desktop \u2264 128x128), an adjacent `NSC_CONTEXT` struct\u0027s `decode` function pointer is overwritten with attacker-controlled pixel data - control-flow-relevant corruption (function pointer overwritten) demonstrated under deterministic heap layout (`nsc-\u003edecode = 0xFF414141FF414141`). Version 3.23.0 fixes the vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-26965",
"url": "https://www.suse.com/security/cve/CVE-2026-26965"
},
{
"category": "external",
"summary": "SUSE Bug 1258985 for CVE-2026-26965",
"url": "https://bugzilla.suse.com/1258985"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-01T13:40:49Z",
"details": "important"
}
],
"title": "CVE-2026-26965"
},
{
"cve": "CVE-2026-31806",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31806"
}
],
"notes": [
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdi_surface_bits() function processes SURFACE_BITS_COMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly validated against the actual desktop dimensions. A malicious RDP server can supply crafted bmp.width and bmp.height values that exceed the expected surface size. Because these values are used during bitmap decoding and memory operations without proper bounds checking, this can lead to a heap buffer overflow. Since the attacker can also control the associated pixel data transmitted by the server, the overflow may be exploitable to overwrite adjacent heap memory. This vulnerability is fixed in 3.24.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31806",
"url": "https://www.suse.com/security/cve/CVE-2026-31806"
},
{
"category": "external",
"summary": "SUSE Bug 1259653 for CVE-2026-31806",
"url": "https://bugzilla.suse.com/1259653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-01T13:40:49Z",
"details": "important"
}
],
"title": "CVE-2026-31806"
},
{
"cve": "CVE-2026-31883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31883"
}
],
"notes": [
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a size_t underflow in the IMA-ADPCM and MS-ADPCM audio decoders leads to heap-buffer-overflow write via the RDPSND audio channel. In libfreerdp/codec/dsp.c, the IMA-ADPCM and MS-ADPCM decoders subtract block header sizes from a size_t variable without checking for underflow. When nBlockAlign (received from the server) is set such that size % block_size == 0 triggers the header parsing at a point where size is smaller than the header (4 or 8 bytes), the subtraction wraps size to ~SIZE_MAX. The while (size \u003e 0) loop then continues for an astronomical number of iterations. This vulnerability is fixed in 3.24.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31883",
"url": "https://www.suse.com/security/cve/CVE-2026-31883"
},
{
"category": "external",
"summary": "SUSE Bug 1259679 for CVE-2026-31883",
"url": "https://bugzilla.suse.com/1259679"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-01T13:40:49Z",
"details": "important"
}
],
"title": "CVE-2026-31883"
},
{
"cve": "CVE-2026-31885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31885"
}
],
"notes": [
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, there is an out-of-bounds read in MS-ADPCM and IMA-ADPCM decoders due to unchecked predictor and step_index values from input data. This vulnerability is fixed in 3.24.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31885",
"url": "https://www.suse.com/security/cve/CVE-2026-31885"
},
{
"category": "external",
"summary": "SUSE Bug 1259686 for CVE-2026-31885",
"url": "https://bugzilla.suse.com/1259686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-devel-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-proxy-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:freerdp2-server-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libfreerdp2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:libwinpr2-2-2.11.7-150700.3.14.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:winpr2-devel-2.11.7-150700.3.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-01T13:40:49Z",
"details": "important"
}
],
"title": "CVE-2026-31885"
}
]
}
SUSE-SU-2026:1165-1
Vulnerability from csaf_suse - Published: 2026-04-01 13:40 - Updated: 2026-04-01 13:40Summary
Security update for freerdp
Severity
Important
Notes
Title of the patch: Security update for freerdp
Description of the patch: This update for freerdp fixes the following issues:
- CVE-2026-26271: Buffer Overread in FreeRDP Icon Processing (bsc#1258979).
- CVE-2026-26955: Out-of-bounds Write in freerdp (bsc#1258982).
- CVE-2026-26965: Out-of-bounds Write in freerdp (bsc#1258985).
- CVE-2026-31806: improper validation of server messages can lead to a heap buffer overflow and arbitrary code execution
(bsc#1259653).
- CVE-2026-31883: crafted RDPSND audio format and wave data can cause a heap buffer overflow write (bsc#1259679).
- CVE-2026-31885: unchecked predictor can lead to an out-of-bounds read (bsc#1259686).
Patchnames: SUSE-2026-1165,SUSE-SLE-SERVER-12-SP5-LTSS-2026-1165,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-1165
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.3 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.1 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for freerdp",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for freerdp fixes the following issues:\n\n- CVE-2026-26271: Buffer Overread in FreeRDP Icon Processing (bsc#1258979).\n- CVE-2026-26955: Out-of-bounds Write in freerdp (bsc#1258982).\n- CVE-2026-26965: Out-of-bounds Write in freerdp (bsc#1258985).\n- CVE-2026-31806: improper validation of server messages can lead to a heap buffer overflow and arbitrary code execution\n (bsc#1259653).\n- CVE-2026-31883: crafted RDPSND audio format and wave data can cause a heap buffer overflow write (bsc#1259679).\n- CVE-2026-31885: unchecked predictor can lead to an out-of-bounds read (bsc#1259686).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-1165,SUSE-SLE-SERVER-12-SP5-LTSS-2026-1165,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-1165",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_1165-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:1165-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261165-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:1165-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-April/045256.html"
},
{
"category": "self",
"summary": "SUSE Bug 1258979",
"url": "https://bugzilla.suse.com/1258979"
},
{
"category": "self",
"summary": "SUSE Bug 1258982",
"url": "https://bugzilla.suse.com/1258982"
},
{
"category": "self",
"summary": "SUSE Bug 1258985",
"url": "https://bugzilla.suse.com/1258985"
},
{
"category": "self",
"summary": "SUSE Bug 1259653",
"url": "https://bugzilla.suse.com/1259653"
},
{
"category": "self",
"summary": "SUSE Bug 1259679",
"url": "https://bugzilla.suse.com/1259679"
},
{
"category": "self",
"summary": "SUSE Bug 1259686",
"url": "https://bugzilla.suse.com/1259686"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-26271 page",
"url": "https://www.suse.com/security/cve/CVE-2026-26271/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-26955 page",
"url": "https://www.suse.com/security/cve/CVE-2026-26955/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-26965 page",
"url": "https://www.suse.com/security/cve/CVE-2026-26965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31806 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31806/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31883 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31885 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31885/"
}
],
"title": "Security update for freerdp",
"tracking": {
"current_release_date": "2026-04-01T13:40:57Z",
"generator": {
"date": "2026-04-01T13:40:57Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:1165-1",
"initial_release_date": "2026-04-01T13:40:57Z",
"revision_history": [
{
"date": "2026-04-01T13:40:57Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2.1.2-12.63.1.aarch64",
"product": {
"name": "freerdp-2.1.2-12.63.1.aarch64",
"product_id": "freerdp-2.1.2-12.63.1.aarch64"
}
},
{
"category": "product_version",
"name": "freerdp-devel-2.1.2-12.63.1.aarch64",
"product": {
"name": "freerdp-devel-2.1.2-12.63.1.aarch64",
"product_id": "freerdp-devel-2.1.2-12.63.1.aarch64"
}
},
{
"category": "product_version",
"name": "freerdp-proxy-2.1.2-12.63.1.aarch64",
"product": {
"name": "freerdp-proxy-2.1.2-12.63.1.aarch64",
"product_id": "freerdp-proxy-2.1.2-12.63.1.aarch64"
}
},
{
"category": "product_version",
"name": "freerdp-server-2.1.2-12.63.1.aarch64",
"product": {
"name": "freerdp-server-2.1.2-12.63.1.aarch64",
"product_id": "freerdp-server-2.1.2-12.63.1.aarch64"
}
},
{
"category": "product_version",
"name": "freerdp-wayland-2.1.2-12.63.1.aarch64",
"product": {
"name": "freerdp-wayland-2.1.2-12.63.1.aarch64",
"product_id": "freerdp-wayland-2.1.2-12.63.1.aarch64"
}
},
{
"category": "product_version",
"name": "libfreerdp2-2.1.2-12.63.1.aarch64",
"product": {
"name": "libfreerdp2-2.1.2-12.63.1.aarch64",
"product_id": "libfreerdp2-2.1.2-12.63.1.aarch64"
}
},
{
"category": "product_version",
"name": "libuwac0-0-2.1.2-12.63.1.aarch64",
"product": {
"name": "libuwac0-0-2.1.2-12.63.1.aarch64",
"product_id": "libuwac0-0-2.1.2-12.63.1.aarch64"
}
},
{
"category": "product_version",
"name": "libwinpr2-2.1.2-12.63.1.aarch64",
"product": {
"name": "libwinpr2-2.1.2-12.63.1.aarch64",
"product_id": "libwinpr2-2.1.2-12.63.1.aarch64"
}
},
{
"category": "product_version",
"name": "uwac0-0-devel-2.1.2-12.63.1.aarch64",
"product": {
"name": "uwac0-0-devel-2.1.2-12.63.1.aarch64",
"product_id": "uwac0-0-devel-2.1.2-12.63.1.aarch64"
}
},
{
"category": "product_version",
"name": "winpr2-devel-2.1.2-12.63.1.aarch64",
"product": {
"name": "winpr2-devel-2.1.2-12.63.1.aarch64",
"product_id": "winpr2-devel-2.1.2-12.63.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2.1.2-12.63.1.i586",
"product": {
"name": "freerdp-2.1.2-12.63.1.i586",
"product_id": "freerdp-2.1.2-12.63.1.i586"
}
},
{
"category": "product_version",
"name": "freerdp-devel-2.1.2-12.63.1.i586",
"product": {
"name": "freerdp-devel-2.1.2-12.63.1.i586",
"product_id": "freerdp-devel-2.1.2-12.63.1.i586"
}
},
{
"category": "product_version",
"name": "freerdp-proxy-2.1.2-12.63.1.i586",
"product": {
"name": "freerdp-proxy-2.1.2-12.63.1.i586",
"product_id": "freerdp-proxy-2.1.2-12.63.1.i586"
}
},
{
"category": "product_version",
"name": "freerdp-server-2.1.2-12.63.1.i586",
"product": {
"name": "freerdp-server-2.1.2-12.63.1.i586",
"product_id": "freerdp-server-2.1.2-12.63.1.i586"
}
},
{
"category": "product_version",
"name": "freerdp-wayland-2.1.2-12.63.1.i586",
"product": {
"name": "freerdp-wayland-2.1.2-12.63.1.i586",
"product_id": "freerdp-wayland-2.1.2-12.63.1.i586"
}
},
{
"category": "product_version",
"name": "libfreerdp2-2.1.2-12.63.1.i586",
"product": {
"name": "libfreerdp2-2.1.2-12.63.1.i586",
"product_id": "libfreerdp2-2.1.2-12.63.1.i586"
}
},
{
"category": "product_version",
"name": "libuwac0-0-2.1.2-12.63.1.i586",
"product": {
"name": "libuwac0-0-2.1.2-12.63.1.i586",
"product_id": "libuwac0-0-2.1.2-12.63.1.i586"
}
},
{
"category": "product_version",
"name": "libwinpr2-2.1.2-12.63.1.i586",
"product": {
"name": "libwinpr2-2.1.2-12.63.1.i586",
"product_id": "libwinpr2-2.1.2-12.63.1.i586"
}
},
{
"category": "product_version",
"name": "uwac0-0-devel-2.1.2-12.63.1.i586",
"product": {
"name": "uwac0-0-devel-2.1.2-12.63.1.i586",
"product_id": "uwac0-0-devel-2.1.2-12.63.1.i586"
}
},
{
"category": "product_version",
"name": "winpr2-devel-2.1.2-12.63.1.i586",
"product": {
"name": "winpr2-devel-2.1.2-12.63.1.i586",
"product_id": "winpr2-devel-2.1.2-12.63.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2.1.2-12.63.1.ppc64le",
"product": {
"name": "freerdp-2.1.2-12.63.1.ppc64le",
"product_id": "freerdp-2.1.2-12.63.1.ppc64le"
}
},
{
"category": "product_version",
"name": "freerdp-devel-2.1.2-12.63.1.ppc64le",
"product": {
"name": "freerdp-devel-2.1.2-12.63.1.ppc64le",
"product_id": "freerdp-devel-2.1.2-12.63.1.ppc64le"
}
},
{
"category": "product_version",
"name": "freerdp-proxy-2.1.2-12.63.1.ppc64le",
"product": {
"name": "freerdp-proxy-2.1.2-12.63.1.ppc64le",
"product_id": "freerdp-proxy-2.1.2-12.63.1.ppc64le"
}
},
{
"category": "product_version",
"name": "freerdp-server-2.1.2-12.63.1.ppc64le",
"product": {
"name": "freerdp-server-2.1.2-12.63.1.ppc64le",
"product_id": "freerdp-server-2.1.2-12.63.1.ppc64le"
}
},
{
"category": "product_version",
"name": "freerdp-wayland-2.1.2-12.63.1.ppc64le",
"product": {
"name": "freerdp-wayland-2.1.2-12.63.1.ppc64le",
"product_id": "freerdp-wayland-2.1.2-12.63.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libfreerdp2-2.1.2-12.63.1.ppc64le",
"product": {
"name": "libfreerdp2-2.1.2-12.63.1.ppc64le",
"product_id": "libfreerdp2-2.1.2-12.63.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libuwac0-0-2.1.2-12.63.1.ppc64le",
"product": {
"name": "libuwac0-0-2.1.2-12.63.1.ppc64le",
"product_id": "libuwac0-0-2.1.2-12.63.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libwinpr2-2.1.2-12.63.1.ppc64le",
"product": {
"name": "libwinpr2-2.1.2-12.63.1.ppc64le",
"product_id": "libwinpr2-2.1.2-12.63.1.ppc64le"
}
},
{
"category": "product_version",
"name": "uwac0-0-devel-2.1.2-12.63.1.ppc64le",
"product": {
"name": "uwac0-0-devel-2.1.2-12.63.1.ppc64le",
"product_id": "uwac0-0-devel-2.1.2-12.63.1.ppc64le"
}
},
{
"category": "product_version",
"name": "winpr2-devel-2.1.2-12.63.1.ppc64le",
"product": {
"name": "winpr2-devel-2.1.2-12.63.1.ppc64le",
"product_id": "winpr2-devel-2.1.2-12.63.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2.1.2-12.63.1.s390",
"product": {
"name": "freerdp-2.1.2-12.63.1.s390",
"product_id": "freerdp-2.1.2-12.63.1.s390"
}
},
{
"category": "product_version",
"name": "freerdp-devel-2.1.2-12.63.1.s390",
"product": {
"name": "freerdp-devel-2.1.2-12.63.1.s390",
"product_id": "freerdp-devel-2.1.2-12.63.1.s390"
}
},
{
"category": "product_version",
"name": "freerdp-proxy-2.1.2-12.63.1.s390",
"product": {
"name": "freerdp-proxy-2.1.2-12.63.1.s390",
"product_id": "freerdp-proxy-2.1.2-12.63.1.s390"
}
},
{
"category": "product_version",
"name": "freerdp-server-2.1.2-12.63.1.s390",
"product": {
"name": "freerdp-server-2.1.2-12.63.1.s390",
"product_id": "freerdp-server-2.1.2-12.63.1.s390"
}
},
{
"category": "product_version",
"name": "freerdp-wayland-2.1.2-12.63.1.s390",
"product": {
"name": "freerdp-wayland-2.1.2-12.63.1.s390",
"product_id": "freerdp-wayland-2.1.2-12.63.1.s390"
}
},
{
"category": "product_version",
"name": "libfreerdp2-2.1.2-12.63.1.s390",
"product": {
"name": "libfreerdp2-2.1.2-12.63.1.s390",
"product_id": "libfreerdp2-2.1.2-12.63.1.s390"
}
},
{
"category": "product_version",
"name": "libuwac0-0-2.1.2-12.63.1.s390",
"product": {
"name": "libuwac0-0-2.1.2-12.63.1.s390",
"product_id": "libuwac0-0-2.1.2-12.63.1.s390"
}
},
{
"category": "product_version",
"name": "libwinpr2-2.1.2-12.63.1.s390",
"product": {
"name": "libwinpr2-2.1.2-12.63.1.s390",
"product_id": "libwinpr2-2.1.2-12.63.1.s390"
}
},
{
"category": "product_version",
"name": "uwac0-0-devel-2.1.2-12.63.1.s390",
"product": {
"name": "uwac0-0-devel-2.1.2-12.63.1.s390",
"product_id": "uwac0-0-devel-2.1.2-12.63.1.s390"
}
},
{
"category": "product_version",
"name": "winpr2-devel-2.1.2-12.63.1.s390",
"product": {
"name": "winpr2-devel-2.1.2-12.63.1.s390",
"product_id": "winpr2-devel-2.1.2-12.63.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2.1.2-12.63.1.s390x",
"product": {
"name": "freerdp-2.1.2-12.63.1.s390x",
"product_id": "freerdp-2.1.2-12.63.1.s390x"
}
},
{
"category": "product_version",
"name": "freerdp-devel-2.1.2-12.63.1.s390x",
"product": {
"name": "freerdp-devel-2.1.2-12.63.1.s390x",
"product_id": "freerdp-devel-2.1.2-12.63.1.s390x"
}
},
{
"category": "product_version",
"name": "freerdp-proxy-2.1.2-12.63.1.s390x",
"product": {
"name": "freerdp-proxy-2.1.2-12.63.1.s390x",
"product_id": "freerdp-proxy-2.1.2-12.63.1.s390x"
}
},
{
"category": "product_version",
"name": "freerdp-server-2.1.2-12.63.1.s390x",
"product": {
"name": "freerdp-server-2.1.2-12.63.1.s390x",
"product_id": "freerdp-server-2.1.2-12.63.1.s390x"
}
},
{
"category": "product_version",
"name": "freerdp-wayland-2.1.2-12.63.1.s390x",
"product": {
"name": "freerdp-wayland-2.1.2-12.63.1.s390x",
"product_id": "freerdp-wayland-2.1.2-12.63.1.s390x"
}
},
{
"category": "product_version",
"name": "libfreerdp2-2.1.2-12.63.1.s390x",
"product": {
"name": "libfreerdp2-2.1.2-12.63.1.s390x",
"product_id": "libfreerdp2-2.1.2-12.63.1.s390x"
}
},
{
"category": "product_version",
"name": "libuwac0-0-2.1.2-12.63.1.s390x",
"product": {
"name": "libuwac0-0-2.1.2-12.63.1.s390x",
"product_id": "libuwac0-0-2.1.2-12.63.1.s390x"
}
},
{
"category": "product_version",
"name": "libwinpr2-2.1.2-12.63.1.s390x",
"product": {
"name": "libwinpr2-2.1.2-12.63.1.s390x",
"product_id": "libwinpr2-2.1.2-12.63.1.s390x"
}
},
{
"category": "product_version",
"name": "uwac0-0-devel-2.1.2-12.63.1.s390x",
"product": {
"name": "uwac0-0-devel-2.1.2-12.63.1.s390x",
"product_id": "uwac0-0-devel-2.1.2-12.63.1.s390x"
}
},
{
"category": "product_version",
"name": "winpr2-devel-2.1.2-12.63.1.s390x",
"product": {
"name": "winpr2-devel-2.1.2-12.63.1.s390x",
"product_id": "winpr2-devel-2.1.2-12.63.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2.1.2-12.63.1.x86_64",
"product": {
"name": "freerdp-2.1.2-12.63.1.x86_64",
"product_id": "freerdp-2.1.2-12.63.1.x86_64"
}
},
{
"category": "product_version",
"name": "freerdp-devel-2.1.2-12.63.1.x86_64",
"product": {
"name": "freerdp-devel-2.1.2-12.63.1.x86_64",
"product_id": "freerdp-devel-2.1.2-12.63.1.x86_64"
}
},
{
"category": "product_version",
"name": "freerdp-proxy-2.1.2-12.63.1.x86_64",
"product": {
"name": "freerdp-proxy-2.1.2-12.63.1.x86_64",
"product_id": "freerdp-proxy-2.1.2-12.63.1.x86_64"
}
},
{
"category": "product_version",
"name": "freerdp-server-2.1.2-12.63.1.x86_64",
"product": {
"name": "freerdp-server-2.1.2-12.63.1.x86_64",
"product_id": "freerdp-server-2.1.2-12.63.1.x86_64"
}
},
{
"category": "product_version",
"name": "freerdp-wayland-2.1.2-12.63.1.x86_64",
"product": {
"name": "freerdp-wayland-2.1.2-12.63.1.x86_64",
"product_id": "freerdp-wayland-2.1.2-12.63.1.x86_64"
}
},
{
"category": "product_version",
"name": "libfreerdp2-2.1.2-12.63.1.x86_64",
"product": {
"name": "libfreerdp2-2.1.2-12.63.1.x86_64",
"product_id": "libfreerdp2-2.1.2-12.63.1.x86_64"
}
},
{
"category": "product_version",
"name": "libuwac0-0-2.1.2-12.63.1.x86_64",
"product": {
"name": "libuwac0-0-2.1.2-12.63.1.x86_64",
"product_id": "libuwac0-0-2.1.2-12.63.1.x86_64"
}
},
{
"category": "product_version",
"name": "libwinpr2-2.1.2-12.63.1.x86_64",
"product": {
"name": "libwinpr2-2.1.2-12.63.1.x86_64",
"product_id": "libwinpr2-2.1.2-12.63.1.x86_64"
}
},
{
"category": "product_version",
"name": "uwac0-0-devel-2.1.2-12.63.1.x86_64",
"product": {
"name": "uwac0-0-devel-2.1.2-12.63.1.x86_64",
"product_id": "uwac0-0-devel-2.1.2-12.63.1.x86_64"
}
},
{
"category": "product_version",
"name": "winpr2-devel-2.1.2-12.63.1.x86_64",
"product": {
"name": "winpr2-devel-2.1.2-12.63.1.x86_64",
"product_id": "winpr2-devel-2.1.2-12.63.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2.1.2-12.63.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.aarch64"
},
"product_reference": "freerdp-devel-2.1.2-12.63.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2.1.2-12.63.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.ppc64le"
},
"product_reference": "freerdp-devel-2.1.2-12.63.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2.1.2-12.63.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.s390x"
},
"product_reference": "freerdp-devel-2.1.2-12.63.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2.1.2-12.63.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.x86_64"
},
"product_reference": "freerdp-devel-2.1.2-12.63.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "winpr2-devel-2.1.2-12.63.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.aarch64"
},
"product_reference": "winpr2-devel-2.1.2-12.63.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "winpr2-devel-2.1.2-12.63.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.ppc64le"
},
"product_reference": "winpr2-devel-2.1.2-12.63.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "winpr2-devel-2.1.2-12.63.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.s390x"
},
"product_reference": "winpr2-devel-2.1.2-12.63.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "winpr2-devel-2.1.2-12.63.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.x86_64"
},
"product_reference": "winpr2-devel-2.1.2-12.63.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2.1.2-12.63.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:freerdp-devel-2.1.2-12.63.1.x86_64"
},
"product_reference": "freerdp-devel-2.1.2-12.63.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "winpr2-devel-2.1.2-12.63.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:winpr2-devel-2.1.2-12.63.1.x86_64"
},
"product_reference": "winpr2-devel-2.1.2-12.63.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-26271",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-26271"
}
],
"notes": [
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a buffer overread in `freerdp_image_copy_from_icon_data()` (libfreerdp/codec/color.c) can be triggered by crafted RDP Window Icon (TS_ICON_INFO) data. The bug is reachable over the network when a client processes icon data from an RDP server (or from a man-in-the-middle). Version 3.23.0 fixes the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:winpr2-devel-2.1.2-12.63.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-26271",
"url": "https://www.suse.com/security/cve/CVE-2026-26271"
},
{
"category": "external",
"summary": "SUSE Bug 1258979 for CVE-2026-26271",
"url": "https://bugzilla.suse.com/1258979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:winpr2-devel-2.1.2-12.63.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:winpr2-devel-2.1.2-12.63.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-01T13:40:57Z",
"details": "moderate"
}
],
"title": "CVE-2026-26271"
},
{
"cve": "CVE-2026-26955",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-26955"
}
],
"notes": [
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP server can trigger a heap buffer overflow in FreeRDP clients using the GDI surface pipeline (e.g., `xfreerdp`) by sending an RDPGFX ClearCodec surface command with an out-of-bounds destination rectangle. The `gdi_SurfaceCommand_ClearCodec()` handler does not call `is_within_surface()` to validate the command rectangle against the destination surface dimensions, allowing attacker-controlled `cmd-\u003eleft`/`cmd-\u003etop` (and subcodec rectangle offsets) to reach image copy routines that write into `surface-\u003edata` without bounds enforcement. The OOB write corrupts an adjacent `gdiGfxSurface` struct\u0027s `codecs*` pointer with attacker-controlled pixel data, and corruption of `codecs*` is sufficient to reach an indirect function pointer call (`NSC_CONTEXT.decode` at `nsc.c:500`) on a subsequent codec command - full instruction pointer (RIP) control demonstrated in exploitability harness. Users should upgrade to version 3.23.0 to receive a patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:winpr2-devel-2.1.2-12.63.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-26955",
"url": "https://www.suse.com/security/cve/CVE-2026-26955"
},
{
"category": "external",
"summary": "SUSE Bug 1258982 for CVE-2026-26955",
"url": "https://bugzilla.suse.com/1258982"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:winpr2-devel-2.1.2-12.63.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:winpr2-devel-2.1.2-12.63.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-01T13:40:57Z",
"details": "important"
}
],
"title": "CVE-2026-26955"
},
{
"cve": "CVE-2026-26965",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-26965"
}
],
"notes": [
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, in the RLE planar decode path, `planar_decompress_plane_rle()` writes into `pDstData` at `((nYDst+y) * nDstStep) + (4*nXDst) + nChannel` without verifying that `(nYDst+nSrcHeight)` fits in the destination height or that `(nXDst+nSrcWidth)` fits in the destination stride. When `TempFormat != DstFormat`, `pDstData` becomes `planar-\u003epTempData` (sized for the desktop), while `nYDst` is only validated against the **surface** by `is_within_surface()`. A malicious RDP server can exploit this to perform a heap out-of-bounds write with attacker-controlled offset and pixel data on any connecting FreeRDP client. The OOB write reaches up to 132,096 bytes past the temp buffer end, and on the brk heap (desktop \u2264 128x128), an adjacent `NSC_CONTEXT` struct\u0027s `decode` function pointer is overwritten with attacker-controlled pixel data - control-flow-relevant corruption (function pointer overwritten) demonstrated under deterministic heap layout (`nsc-\u003edecode = 0xFF414141FF414141`). Version 3.23.0 fixes the vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:winpr2-devel-2.1.2-12.63.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-26965",
"url": "https://www.suse.com/security/cve/CVE-2026-26965"
},
{
"category": "external",
"summary": "SUSE Bug 1258985 for CVE-2026-26965",
"url": "https://bugzilla.suse.com/1258985"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:winpr2-devel-2.1.2-12.63.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:winpr2-devel-2.1.2-12.63.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-01T13:40:57Z",
"details": "important"
}
],
"title": "CVE-2026-26965"
},
{
"cve": "CVE-2026-31806",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31806"
}
],
"notes": [
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdi_surface_bits() function processes SURFACE_BITS_COMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly validated against the actual desktop dimensions. A malicious RDP server can supply crafted bmp.width and bmp.height values that exceed the expected surface size. Because these values are used during bitmap decoding and memory operations without proper bounds checking, this can lead to a heap buffer overflow. Since the attacker can also control the associated pixel data transmitted by the server, the overflow may be exploitable to overwrite adjacent heap memory. This vulnerability is fixed in 3.24.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:winpr2-devel-2.1.2-12.63.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31806",
"url": "https://www.suse.com/security/cve/CVE-2026-31806"
},
{
"category": "external",
"summary": "SUSE Bug 1259653 for CVE-2026-31806",
"url": "https://bugzilla.suse.com/1259653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:winpr2-devel-2.1.2-12.63.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:winpr2-devel-2.1.2-12.63.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-01T13:40:57Z",
"details": "important"
}
],
"title": "CVE-2026-31806"
},
{
"cve": "CVE-2026-31883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31883"
}
],
"notes": [
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a size_t underflow in the IMA-ADPCM and MS-ADPCM audio decoders leads to heap-buffer-overflow write via the RDPSND audio channel. In libfreerdp/codec/dsp.c, the IMA-ADPCM and MS-ADPCM decoders subtract block header sizes from a size_t variable without checking for underflow. When nBlockAlign (received from the server) is set such that size % block_size == 0 triggers the header parsing at a point where size is smaller than the header (4 or 8 bytes), the subtraction wraps size to ~SIZE_MAX. The while (size \u003e 0) loop then continues for an astronomical number of iterations. This vulnerability is fixed in 3.24.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:winpr2-devel-2.1.2-12.63.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31883",
"url": "https://www.suse.com/security/cve/CVE-2026-31883"
},
{
"category": "external",
"summary": "SUSE Bug 1259679 for CVE-2026-31883",
"url": "https://bugzilla.suse.com/1259679"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:winpr2-devel-2.1.2-12.63.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:winpr2-devel-2.1.2-12.63.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-01T13:40:57Z",
"details": "important"
}
],
"title": "CVE-2026-31883"
},
{
"cve": "CVE-2026-31885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31885"
}
],
"notes": [
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, there is an out-of-bounds read in MS-ADPCM and IMA-ADPCM decoders due to unchecked predictor and step_index values from input data. This vulnerability is fixed in 3.24.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:winpr2-devel-2.1.2-12.63.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31885",
"url": "https://www.suse.com/security/cve/CVE-2026-31885"
},
{
"category": "external",
"summary": "SUSE Bug 1259686 for CVE-2026-31885",
"url": "https://bugzilla.suse.com/1259686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:winpr2-devel-2.1.2-12.63.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:winpr2-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:freerdp-devel-2.1.2-12.63.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:winpr2-devel-2.1.2-12.63.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-01T13:40:57Z",
"details": "important"
}
],
"title": "CVE-2026-31885"
}
]
}
FKIE_CVE-2026-31806
Vulnerability from fkie_nvd - Published: 2026-03-13 19:54 - Updated: 2026-03-17 14:27
Severity ?
Summary
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdi_surface_bits() function processes SURFACE_BITS_COMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly validated against the actual desktop dimensions. A malicious RDP server can supply crafted bmp.width and bmp.height values that exceed the expected surface size. Because these values are used during bitmap decoding and memory operations without proper bounds checking, this can lead to a heap buffer overflow. Since the attacker can also control the associated pixel data transmitted by the server, the overflow may be exploitable to overwrite adjacent heap memory. This vulnerability is fixed in 3.24.0.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97FCA262-35C3-4B6B-A321-15CE780FCA20",
"versionEndExcluding": "3.24.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, the gdi_surface_bits() function processes SURFACE_BITS_COMMAND messages sent by the RDP server. When the command is handled using NSCodec, the bmp.width and bmp.height values provided by the server are not properly validated against the actual desktop dimensions. A malicious RDP server can supply crafted bmp.width and bmp.height values that exceed the expected surface size. Because these values are used during bitmap decoding and memory operations without proper bounds checking, this can lead to a heap buffer overflow. Since the attacker can also control the associated pixel data transmitted by the server, the overflow may be exploitable to overwrite adjacent heap memory. This vulnerability is fixed in 3.24.0."
},
{
"lang": "es",
"value": "FreeRDP es una implementaci\u00f3n gratuita del Protocolo de Escritorio Remoto. Antes de la versi\u00f3n 3.24.0, la funci\u00f3n gdi_surface_bits() procesa los mensajes SURFACE_BITS_COMMAND enviados por el servidor RDP. Cuando el comando se maneja usando NSCodec, los valores bmp.width y bmp.height proporcionados por el servidor no se validan correctamente contra las dimensiones reales del escritorio. Un servidor RDP malicioso puede proporcionar valores bmp.width y bmp.height manipulados que exceden el tama\u00f1o de superficie esperado. Debido a que estos valores se utilizan durante la decodificaci\u00f3n de mapas de bits y las operaciones de memoria sin una verificaci\u00f3n de l\u00edmites adecuada, esto puede conducir a un desbordamiento de b\u00fafer de pila. Dado que el atacante tambi\u00e9n puede controlar los datos de p\u00edxeles asociados transmitidos por el servidor, el desbordamiento puede ser explotable para sobrescribir memoria de pila adyacente. Esta vulnerabilidad est\u00e1 corregida en la versi\u00f3n 3.24.0."
}
],
"id": "CVE-2026-31806",
"lastModified": "2026-03-17T14:27:20.100",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2026-03-13T19:54:36.300",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/FreeRDP/FreeRDP/commit/83d9aedea278a74af3e490ff5eeb889c016dbb2b"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrqm-46rj-cmx2"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
Loading…
Show additional events:
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…