The Red Hat security advisory RHSA-2026:19811 addresses eight vulnerabilities in FreeRDP versions included with Red Hat Enterprise Linux 8.4. The issues include denial of service vulnerabilities due to use-after-free (CVE-2026-25952), double free during disconnect (CVE-2026-26986), and an endless blocking loop in Stream_EnsureCapacity (CVE-2026-27951). Memory safety flaws include a heap-buffer-overflow in bitmap_cache_put via out-of-bounds cacheId (CVE-2026-29775), out-of-bounds read in ADPCM decoders due to missing bounds checks (CVE-2026-31885), and a division-by-zero in ADPCM decoders when nBlockAlign is zero (CVE-2026-31884). Additionally, denial of service via crafted audio data (CVE-2026-31883) and information disclosure via heap memory out-of-bounds read (CVE-2026-33985) are fixed. These vulnerabilities could cause application crashes or leak information when processing specially crafted RDP data. The advisory provides updated freerdp packages to remediate these issues.

The vulnerabilities collectively can lead to denial of service conditions through memory corruption and logic errors, potentially causing the freerdp client to crash or hang. The information disclosure vulnerability may allow an attacker to read heap memory beyond intended boundaries, potentially exposing sensitive information. These impacts affect systems running vulnerable versions of freerdp on Red Hat Enterprise Linux 8.4. No known exploits in the wild have been reported at the time of the advisory.

Red Hat has released updated freerdp packages for Red Hat Enterprise Linux 8.4 Extended Update Support and Advanced Update Support that address these vulnerabilities. Users should apply the security update as detailed in the Red Hat advisory RHSA-2026:19811 and the referenced article https://access.redhat.com/articles/11258 to remediate these issues. Since this is an official fix from the vendor, applying the update is the recommended mitigation. Patch status is confirmed by the vendor advisory.