{ "schema_version": "1.7.0", "id": "RHSA-2026:6918", "related": [], "upstream": [ "CVE-2026-22852", "CVE-2026-22854", "CVE-2026-22856", "CVE-2026-23732", "CVE-2026-23948", "CVE-2026-24491", "CVE-2026-24675", "CVE-2026-24676", "CVE-2026-24679", "CVE-2026-24681", "CVE-2026-24683", "CVE-2026-24684", "CVE-2026-31806" ], "published": "2026-04-08T10:09:00Z", "modified": "2026-04-09T10:11:30Z", "summary": "Red Hat Security Advisory: freerdp security update", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "affected": [ { "package": { "name": "freerdp", "ecosystem": "Red Hat:enterprise_linux:8::appstream", "purl": "pkg:rpm/redhat/freerdp" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:2.11.7-6.el8_10" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "freerdp-debuginfo", "ecosystem": "Red Hat:enterprise_linux:8::appstream", "purl": "pkg:rpm/redhat/freerdp-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:2.11.7-6.el8_10" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "freerdp-debugsource", "ecosystem": "Red Hat:enterprise_linux:8::appstream", "purl": "pkg:rpm/redhat/freerdp-debugsource" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:2.11.7-6.el8_10" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "freerdp-devel", "ecosystem": "Red Hat:enterprise_linux:8::appstream", "purl": "pkg:rpm/redhat/freerdp-devel" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:2.11.7-6.el8_10" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "freerdp-libs", "ecosystem": "Red Hat:enterprise_linux:8::appstream", "purl": "pkg:rpm/redhat/freerdp-libs" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:2.11.7-6.el8_10" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "freerdp-libs-debuginfo", "ecosystem": "Red Hat:enterprise_linux:8::appstream", "purl": "pkg:rpm/redhat/freerdp-libs-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:2.11.7-6.el8_10" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "libwinpr", "ecosystem": "Red Hat:enterprise_linux:8::appstream", "purl": "pkg:rpm/redhat/libwinpr" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:2.11.7-6.el8_10" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "libwinpr-debuginfo", "ecosystem": "Red Hat:enterprise_linux:8::appstream", "purl": "pkg:rpm/redhat/libwinpr-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:2.11.7-6.el8_10" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "libwinpr-devel", "ecosystem": "Red Hat:enterprise_linux:8::appstream", "purl": "pkg:rpm/redhat/libwinpr-devel" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:2.11.7-6.el8_10" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "freerdp", "ecosystem": "Red Hat:enterprise_linux:8::crb", "purl": "pkg:rpm/redhat/freerdp" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:2.11.7-6.el8_10" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "freerdp-debuginfo", "ecosystem": "Red Hat:enterprise_linux:8::crb", "purl": "pkg:rpm/redhat/freerdp-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:2.11.7-6.el8_10" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "freerdp-debugsource", "ecosystem": "Red Hat:enterprise_linux:8::crb", "purl": "pkg:rpm/redhat/freerdp-debugsource" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:2.11.7-6.el8_10" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "freerdp-devel", "ecosystem": "Red Hat:enterprise_linux:8::crb", "purl": "pkg:rpm/redhat/freerdp-devel" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:2.11.7-6.el8_10" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "freerdp-libs", "ecosystem": "Red Hat:enterprise_linux:8::crb", "purl": "pkg:rpm/redhat/freerdp-libs" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:2.11.7-6.el8_10" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "freerdp-libs-debuginfo", "ecosystem": "Red Hat:enterprise_linux:8::crb", "purl": "pkg:rpm/redhat/freerdp-libs-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:2.11.7-6.el8_10" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "libwinpr", "ecosystem": "Red Hat:enterprise_linux:8::crb", "purl": "pkg:rpm/redhat/libwinpr" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:2.11.7-6.el8_10" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "libwinpr-debuginfo", "ecosystem": "Red Hat:enterprise_linux:8::crb", "purl": "pkg:rpm/redhat/libwinpr-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:2.11.7-6.el8_10" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "libwinpr-devel", "ecosystem": "Red Hat:enterprise_linux:8::crb", "purl": "pkg:rpm/redhat/libwinpr-devel" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2:2.11.7-6.el8_10" } ], "type": "ECOSYSTEM" } ] } ], "references": [ { "type": "ADVISORY", "url": "https://access.redhat.com/errata/RHSA-2026:6918" }, { "type": "ARTICLE", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429650" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429652" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429654" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430881" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438201" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438202" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438207" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438208" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438210" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438216" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438217" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438221" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447376" }, { "type": "ADVISORY", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_6918.json" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-22852" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-22852" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22852" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9chc-g79v-4qq4" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-22854" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-22854" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22854" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-47vj-g3c3-3rmf" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-22856" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-22856" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22856" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-w842-c386-fxhv" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-23732" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-23732" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23732" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/cache/glyph.c#L463-L480" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/codec/color.c#L261-L277" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/graphics.c#L138" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/blob/f96ee2a6dd02739325c2a4e36a14978b561f00ea/libfreerdp/core/orders.c#L2186C17-L2199" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7qxp-j2fj-c3pp" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-23948" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-23948" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23948" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/commit/4d44e3c097656a8b9ec696353647b0888ca45860" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6f3c-qvqq-2px5" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-24491" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-24491" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24491" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/commit/e02e052f6692550e539d10f99de9c35a23492db2" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4x6j-w49r-869g" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-24675" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-24675" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24675" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/commit/d676518809c319eec15911c705c13536036af2ae" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x9jr-99h2-g7mj" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-24676" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-24676" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24676" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/commit/026b81ae5831ac1598d8f7371e0d0996fac7db00" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qh5p-frq4-pgxj" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-24679" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-24679" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24679" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/commit/2d563a50be17c1b407ca448b1321378c0726dd31" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-2jp4-67x6-gv7x" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-24681" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-24681" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24681" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/commit/414f701464929c217f2509bcbd6d2c1f00f7ed73" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-ccvv-hg2w-6x9j" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-24683" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-24683" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24683" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/commit/d9ca272dce7a776ab475e9b1a8e8c3d2968c8486" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-45pf-68pj-fg8q" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-24684" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-24684" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24684" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/commit/622bb7b4402491ca003f47472d0e478132673696" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/commit/afa6851dc80835d3101e40fcef51b6c5c0f43ea5" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vcgv-xgjp-h83q" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-31806" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-31806" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31806" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/commit/83d9aedea278a74af3e490ff5eeb889c016dbb2b" }, { "type": "ARTICLE", "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrqm-46rj-cmx2" } ] }