{"schema_version": "1.7.0", "id": "RLSA-2026:6918", "modified": "2026-04-09T06:08:51.579040Z", "published": "2026-04-09T06:02:21.819616Z", "upstream": ["CVE-2026-22852", "CVE-2026-22854", "CVE-2026-22856", "CVE-2026-23732", "CVE-2026-23948", "CVE-2026-24491", "CVE-2026-24675", "CVE-2026-24676", "CVE-2026-24679", "CVE-2026-24681", "CVE-2026-24683", "CVE-2026-24684", "CVE-2026-31806"], "summary": "Important: freerdp security update", "details": "FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.\n\nSecurity Fix(es):\n\n* freerdp: FreeRDP heap-use-after-free (CVE-2026-22856)\n\n* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22854)\n\n* freerdp: FreeRDP heap-buffer-overflow (CVE-2026-22852)\n\n* freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow (CVE-2026-23732)\n\n* freerdp: FreeRDP: Denial of Service via use-after-free in AUDIN format renegotiation (CVE-2026-24676)\n\n* freerdp: FreeRDP has a heap-use-after-free in video_timer (CVE-2026-24491)\n\n* freerdp: FreeRDP has a NULL Pointer Dereference in rdp_write_logon_info_v2() (CVE-2026-23948)\n\n* freerdp: FreeRDP has a Heap-use-after-free in play_thread (CVE-2026-24684)\n\n* freerdp: FreeRDP has a heap-use-after-free in urb_bulk_transfer_cb (CVE-2026-24681)\n\n* freerdp: FreeRDP has a heap-use-after-free in ainput_send_input_event (CVE-2026-24683)\n\n* freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface (CVE-2026-24679)\n\n* freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface (CVE-2026-24675)\n\n* freerdp: FreeRDP: Arbitrary code execution via crafted Remote Desktop Protocol (RDP) server messages (CVE-2026-31806)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "severity": [{"type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}], "affected": [{"package": {"ecosystem": "Rocky Linux:8", "name": "freerdp", "purl": "pkg:rpm/rocky-linux/freerdp?distro=rocky-linux-8&epoch=2"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "2:2.11.7-6.el8_10"}], "database_specific": {"yum_repository": "AppStream"}}]}], "references": [{"type": "ADVISORY", "url": "https://errata.rockylinux.org/RLSA-2026:6918"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429650"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429652"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429654"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430881"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438201"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438202"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438207"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438208"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438210"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438216"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438217"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438221"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447376"}], "credits": [{"name": "Rocky Enterprise Software Foundation"}, {"name": "Red Hat"}]}