The Red Hat security advisory RHSA-2026:16865 addresses eight vulnerabilities in FreeRDP, including CVE-2026-25952 (use-after-free leading to denial of service), CVE-2026-26986 (double free during disconnect causing denial of service), CVE-2026-27951 (endless blocking loop causing denial of service), CVE-2026-29775 (heap-buffer-overflow via out-of-bounds cacheId), CVE-2026-31885 (out-of-bounds read in ADPCM decoders due to missing bounds checks), CVE-2026-31884 (division-by-zero in ADPCM decoders when nBlockAlign is zero), CVE-2026-31883 (denial of service via crafted audio data), and CVE-2026-33985 (information disclosure via heap memory out-of-bounds read). These vulnerabilities impact the freerdp client used to connect to RDP servers and affect multiple Red Hat Enterprise Linux 9.6 Extended Update Support variants and architectures. The advisory includes updated packages to remediate these issues.

The vulnerabilities collectively can cause denial of service conditions through memory corruption issues such as use-after-free, double free, blocking loops, and crafted input data. Additionally, there is a potential for information disclosure due to out-of-bounds heap memory reads. The issues affect the freerdp client, which could impact systems using FreeRDP to connect to RDP servers. No known exploits in the wild have been reported at this time.

Red Hat has released updated freerdp packages for Red Hat Enterprise Linux 9.6 Extended Update Support and related products that address these vulnerabilities. Users should apply the security update RHSA-2026:16865 promptly to remediate the issues. For detailed update instructions, refer to https://access.redhat.com/articles/11258. No additional mitigation actions are specified or required beyond applying the official patch.