FreeRDP, an open-source RDP client implementation, contains multiple vulnerabilities that can lead to denial of service, information disclosure, and potentially arbitrary code execution. The vulnerabilities include heap use-after-free during auto-reconnect (CVE-2026-25997), use-after-free (CVE-2026-25952), double free during disconnect (CVE-2026-26986), heap-buffer-overflow via out-of-bounds cacheId (CVE-2026-29775), out-of-bounds read in ADPCM decoders (CVE-2026-31885), division-by-zero in ADPCM decoders (CVE-2026-31884), denial of service via crafted audio data (CVE-2026-31883), information disclosure via heap out-of-bounds read (CVE-2026-33985), information disclosure and denial of service via heap-buffer-overflow read (CVE-2026-33982), and memory corruption allowing denial of service or arbitrary code execution (CVE-2026-33987). These vulnerabilities affect multiple Red Hat Enterprise Linux 10.0 Extended Update Support variants and architectures. Red Hat has released updated packages to remediate these issues.

The vulnerabilities can cause denial of service conditions, information disclosure, and in some cases memory corruption that may allow arbitrary code execution. The impact affects systems running vulnerable versions of FreeRDP on Red Hat Enterprise Linux 10.0 Extended Update Support and related CodeReady Linux Builder packages. No known exploits in the wild have been reported at the time of this advisory. The overall security impact is rated as moderate by Red Hat Product Security.

Red Hat has released updated freerdp packages for Red Hat Enterprise Linux 10.0 Extended Update Support and related CodeReady Linux Builder variants that address these vulnerabilities. Users should apply the updates provided in advisory RHSA-2026:20605 as soon as possible. For detailed update instructions, refer to https://access.redhat.com/articles/11258. No additional mitigation actions are indicated by the vendor advisory.