FreeRDP, an open-source RDP client included in Red Hat Enterprise Linux 10, contains multiple security vulnerabilities. These include denial of service via heap use-after-free during auto-reconnect (CVE-2026-25997), denial of service due to use-after-free (CVE-2026-25952), denial of service via double free during disconnect (CVE-2026-26986), heap-buffer-overflow in bitmap_cache_put (CVE-2026-29775), out-of-bounds read and division-by-zero in ADPCM decoders (CVE-2026-31885, CVE-2026-31884), denial of service via crafted audio data (CVE-2026-31883), information disclosure via heap out-of-bounds read (CVE-2026-33985), information disclosure and denial of service via heap-buffer-overflow read (CVE-2026-33982), and memory corruption allowing denial of service or arbitrary code execution (CVE-2026-33987). Red Hat has released updated packages to address these vulnerabilities in Red Hat Enterprise Linux 10 and related CodeReady Linux Builder variants.

The vulnerabilities collectively allow for denial of service conditions through various memory corruption issues such as use-after-free, double free, heap-buffer-overflow, and division-by-zero errors. Additionally, some vulnerabilities enable information disclosure through out-of-bounds heap reads. The most severe vulnerability (CVE-2026-33987) can lead to memory corruption that allows either denial of service or arbitrary code execution. These issues could impact the stability and security of systems using FreeRDP clients on affected Red Hat Enterprise Linux 10 platforms.

Red Hat has released updated packages for FreeRDP in Red Hat Enterprise Linux 10 and related products that address all listed vulnerabilities. Users and administrators should apply these official updates promptly to remediate the security issues. For detailed update instructions and package information, refer to the Red Hat advisory RHSA-2026:16014 at https://access.redhat.com/errata/RHSA-2026:16014. No additional mitigation steps are indicated beyond applying the provided patches.