{"id":"RHSA-2026:2714","summary":"Red Hat Security Advisory: freerdp security update","modified":"2026-03-18T11:40:06.755495Z","published":"2026-02-17T10:12:24Z","upstream":["CVE-2026-23530","CVE-2026-23531","CVE-2026-23532","CVE-2026-23533","CVE-2026-23884"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2026:2714"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2430877"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2430880"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2430886"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2430887"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2430891"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2714.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-23530"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-23530"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23530"},{"type":"ARTICLE","url":"https://github.com/FreeRDP/FreeRDP/blob/38514dfa5813aa945a86cfbcec279033f8394468/libfreerdp/codec/planar.c#L1689-L1696"},{"type":"ARTICLE","url":"https://github.com/FreeRDP/FreeRDP/blob/38514dfa5813aa945a86cfbcec279033f8394468/libfreerdp/codec/planar.c#L1713-L1716"},{"type":"ARTICLE","url":"https://github.com/FreeRDP/FreeRDP/blob/38514dfa5813aa945a86cfbcec279033f8394468/libfreerdp/codec/planar.c#L951-L953"},{"type":"ARTICLE","url":"https://github.com/FreeRDP/FreeRDP/releases/tag/3.21.0"},{"type":"ARTICLE","url":"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-r4hv-852m-fq7p"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-23531"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-23531"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23531"},{"type":"ARTICLE","url":"https://github.com/FreeRDP/FreeRDP/blob/38514dfa5813aa945a86cfbcec279033f8394468/libfreerdp/codec/clear.c#L1139-L1145"},{"type":"ARTICLE","url":"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-xj5h-9cr5-23c5"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-23532"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-23532"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23532"},{"type":"ARTICLE","url":"https://github.com/FreeRDP/FreeRDP/blob/38514dfa5813aa945a86cfbcec279033f8394468/libfreerdp/gdi/gfx.c#L1368-L1382"},{"type":"ARTICLE","url":"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-fq8c-87hj-7gvr"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-23533"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-23533"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23533"},{"type":"ARTICLE","url":"https://github.com/FreeRDP/FreeRDP/blob/38514dfa5813aa945a86cfbcec279033f8394468/libfreerdp/codec/clear.c#L268-L281"},{"type":"ARTICLE","url":"https://github.com/FreeRDP/FreeRDP/blob/38514dfa5813aa945a86cfbcec279033f8394468/libfreerdp/codec/clear.c#L336"},{"type":"ARTICLE","url":"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-32q9-m5qr-9j2v"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-23884"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-23884"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23884"},{"type":"ARTICLE","url":"https://github.com/FreeRDP/FreeRDP/blob/3370e30e92a021eb680892dda14d642bc8b8727c/libfreerdp/cache/offscreen.c#L114-L122"},{"type":"ARTICLE","url":"https://github.com/FreeRDP/FreeRDP/blob/3370e30e92a021eb680892dda14d642bc8b8727c/libfreerdp/cache/offscreen.c#L87-L91"},{"type":"ARTICLE","url":"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-cfgj-vc84-f3pp"}],"affected":[{"package":{"name":"freerdp","ecosystem":"Red Hat:rhel_els:7","purl":"pkg:rpm/redhat/freerdp"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.1.1-5.el7_9.1"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:2714.json"}},{"package":{"name":"freerdp-debuginfo","ecosystem":"Red Hat:rhel_els:7","purl":"pkg:rpm/redhat/freerdp-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.1.1-5.el7_9.1"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:2714.json"}},{"package":{"name":"freerdp-devel","ecosystem":"Red Hat:rhel_els:7","purl":"pkg:rpm/redhat/freerdp-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.1.1-5.el7_9.1"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:2714.json"}},{"package":{"name":"freerdp-libs","ecosystem":"Red Hat:rhel_els:7","purl":"pkg:rpm/redhat/freerdp-libs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.1.1-5.el7_9.1"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:2714.json"}},{"package":{"name":"libwinpr","ecosystem":"Red Hat:rhel_els:7","purl":"pkg:rpm/redhat/libwinpr"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.1.1-5.el7_9.1"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:2714.json"}},{"package":{"name":"libwinpr-devel","ecosystem":"Red Hat:rhel_els:7","purl":"pkg:rpm/redhat/libwinpr-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.1.1-5.el7_9.1"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:2714.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}]}