Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 524
Alerts This Week
Warning Icon 1 524

Fedora 43 freerdp Critical Security Issues CVE-2026-57156 57157 57158

fedora
Calendar Grey July 14, 2026
Dist Fedora Esm H88
Update freerdp in Fedora 43 addresses critical security issues including information disclosure and arbitrary code execution risks.
Update to 3.28.0 It fixes CVE-2026-57156, CVE-2026-57157 and CVE-2026-57158.

Summary

The xfreerdp & wlfreerdp Remote Desktop Protocol (RDP) clients from the FreeRDP

project.

xfreerdp & wlfreerdp can connect to RDP servers such as Microsoft Windows

machines, xrdp and VirtualBox.

Update Information:

Update to 3.28.0 It fixes CVE-2026-57156, CVE-2026-57157 and CVE-2026-57158.

Change Log

* Mon Jul 13 2026 Ondrej Holy - 2:3.28.0-1 - Update to 3.28.0 (CVE-2026-57156, CVE-2026-57157, CVE-2026-57158) Resolves: rhbz#2497324

References


[ 1 ] Bug #2499199 - CVE-2026-57158 freerdp: FreeRDP: Information disclosure via truncated RDPGFX planar payload [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2499199 [ 2 ] Bug #2499200 - CVE-2026-57157 freerdp: FreeRDP: Out-of-bounds read leads to information disclosure and denial of service [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2499200 [ 3 ] Bug #2499226 - CVE-2026-57156 freerdp: FreeRDP: Arbitrary code execution or denial of service via integer overflow in RDP message processing [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2499226

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-e2afc3151d' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: freerdp
Product: Fedora 43
Version: 3.28.0
Release: 1.fc43
Summary: Free implementation of the Remote Desktop Protocol (RDP)

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.