Bug 2453217 (CVE-2026-33985) - CVE-2026-33985 FreeRDP: FreeRDP: Information disclosure via heap memory out of bounds read
Summary: CVE-2026-33985 FreeRDP: FreeRDP: Information disclosure via heap memory out o...
Keywords:
Status: NEW
Alias: CVE-2026-33985
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2453245 2453247 2453246
Blocks:
TreeView+ depends on / blocked
 
Reported: 2026-03-30 22:01 UTC by OSIDB Bzimport
Modified: 2026-05-26 04:54 UTC (History)
0 users

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2026:16014 0 None None None 2026-05-11 16:15:31 UTC
Red Hat Product Errata RHSA-2026:16019 0 None None None 2026-05-11 16:18:34 UTC
Red Hat Product Errata RHSA-2026:16482 0 None None None 2026-05-13 00:57:01 UTC
Red Hat Product Errata RHSA-2026:16483 0 None None None 2026-05-12 23:24:45 UTC
Red Hat Product Errata RHSA-2026:16485 0 None None None 2026-05-12 23:25:02 UTC
Red Hat Product Errata RHSA-2026:16777 0 None None None 2026-05-13 04:39:03 UTC
Red Hat Product Errata RHSA-2026:16814 0 None None None 2026-05-13 05:49:43 UTC
Red Hat Product Errata RHSA-2026:16865 0 None None None 2026-05-13 06:48:23 UTC
Red Hat Product Errata RHSA-2026:16866 0 None None None 2026-05-13 06:38:53 UTC
Red Hat Product Errata RHSA-2026:19142 0 None None None 2026-05-19 16:08:59 UTC
Red Hat Product Errata RHSA-2026:19358 0 None None None 2026-05-19 21:40:14 UTC
Red Hat Product Errata RHSA-2026:19811 0 None None None 2026-05-20 19:42:57 UTC
Red Hat Product Errata RHSA-2026:20546 0 None None None 2026-05-26 01:54:28 UTC
Red Hat Product Errata RHSA-2026:20605 0 None None None 2026-05-26 04:54:41 UTC

Description OSIDB Bzimport 2026-03-30 22:01:40 UTC 
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, pixel data from adjacent heap memory is rendered to screen, potentially leaking sensitive data to the attacker. This issue has been patched in version 3.24.2.
Comment 2 errata-xmlrpc 2026-05-11 16:15:31 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2026:16014 https://access.redhat.com/errata/RHSA-2026:16014
Comment 3 errata-xmlrpc 2026-05-11 16:18:33 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2026:16019 https://access.redhat.com/errata/RHSA-2026:16019
Comment 4 errata-xmlrpc 2026-05-12 23:24:44 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions

Via RHSA-2026:16483 https://access.redhat.com/errata/RHSA-2026:16483
Comment 5 errata-xmlrpc 2026-05-12 23:25:01 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2026:16485 https://access.redhat.com/errata/RHSA-2026:16485
Comment 6 errata-xmlrpc 2026-05-13 00:57:00 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2026:16482 https://access.redhat.com/errata/RHSA-2026:16482
Comment 7 errata-xmlrpc 2026-05-13 04:39:02 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.8 Telecommunications Update Service

Via RHSA-2026:16777 https://access.redhat.com/errata/RHSA-2026:16777
Comment 8 errata-xmlrpc 2026-05-13 05:49:42 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Via RHSA-2026:16814 https://access.redhat.com/errata/RHSA-2026:16814
Comment 9 errata-xmlrpc 2026-05-13 06:38:52 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2026:16866 https://access.redhat.com/errata/RHSA-2026:16866
Comment 10 errata-xmlrpc 2026-05-13 06:48:22 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.6 Extended Update Support

Via RHSA-2026:16865 https://access.redhat.com/errata/RHSA-2026:16865
Comment 11 errata-xmlrpc 2026-05-19 16:08:58 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2026:19142 https://access.redhat.com/errata/RHSA-2026:19142
Comment 12 errata-xmlrpc 2026-05-19 21:40:13 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2026:19358 https://access.redhat.com/errata/RHSA-2026:19358
Comment 13 errata-xmlrpc 2026-05-20 19:42:56 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On

Via RHSA-2026:19811 https://access.redhat.com/errata/RHSA-2026:19811
Comment 14 errata-xmlrpc 2026-05-26 01:54:27 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7 Extended Lifecycle Support

Via RHSA-2026:20546 https://access.redhat.com/errata/RHSA-2026:20546
Comment 15 errata-xmlrpc 2026-05-26 04:54:40 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10.0 Extended Update Support

Via RHSA-2026:20605 https://access.redhat.com/errata/RHSA-2026:20605
Note You need to log in before you can comment on or make changes to this bug.