Security News

Cybersecurity news aggregator

🔄
HIGH Updates Red Hat Errata

RHSA-2026:22309: Important: rhc security update

cve-2026-32281redhatcve-2026-32280
Two denial-of-service vulnerabilities (CVE-2026-32280 and CVE-2026-32281, CVSS 7.5 High) in the Go crypto/x509 and crypto/tls packages allow attackers to cause excessive CPU consumption via inefficient certificate chain validation. The underlying Go runtime vulnerabilities affect versions prior to Go 1.25.9 and Go 1.26.0 through 1.26.1. The fix requires updating the `rhc` package on RHEL 9 systems, which incorporates the patched Go versions 1.25.9 or 1.26.2.
Read Full Article →

Red Hat Product Errata RHSA-2026:22309 - Security Advisory Issued: 2026-06-01 Updated: 2026-06-01 RHSA-2026:22309 - Security Advisory Overview Updated Packages Synopsis Important: rhc security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for rhc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description rhc is a client tool and daemon that connects the system to Red Hat hosted services enabling system and subscription management. Security Fix(es): crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation (CVE-2026-32281) crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 9 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 x86_64 Red Hat Enterprise Linux for IBM z Systems 9 s390x Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 s390x Red Hat Enterprise Linux for Power, little endian 9 ppc64le Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 ppc64le Red Hat Enterprise Linux for ARM 64 9 aarch64 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 x86_64 Red Hat CodeReady Linux Builder for x86_64 9 x86_64 Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le Red Hat CodeReady Linux Builder for ARM 64 9 aarch64 Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.8 x86_64 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.8 ppc64le Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.8 s390x Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.8 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.8 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.8 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.8 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.8 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.8 s390x Fixes BZ - 2456333 - CVE-2026-32281 crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation BZ - 2456339 - CVE-2026-32280 crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building CVEs CVE-2026-32280 CVE-2026-32281 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 9 SRPM rhc-0.2.7-7.el9_8.src.rpm SHA-256: ce91337f12398b0349c8d18397a20b5af5a47ec9dd13e96aaf43fd99ff469f52 x86_64 rhc-0.2.7-7.el9_8.x86_64.rpm SHA-256: f9fce3d9df753cc23468a3b20aea1dd7f92a93ebbfa2ab91cede1a7b0714e264 rhc-debuginfo-0.2.7-7.el9_8.x86_64.rpm SHA-256: 4de868012656ccf654415837be8fecd42b9c9589d0143834547e5b18b2c63f6e rhc-debugsource-0.2.7-7.el9_8.x86_64.rpm SHA-256: 27f603881e978d883a4c0c933276cd4ab77079d76f4093f02c103efd1e5c6d35 Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 SRPM rhc-0.2.7-7.el9_8.src.rpm SHA-256: ce91337f12398b0349c8d18397a20b5af5a47ec9dd13e96aaf43fd99ff469f52 x86_64 rhc-0.2.7-7.el9_8.x86_64.rpm SHA-256: f9fce3d9df753cc23468a3b20aea1dd7f92a93ebbfa2ab91cede1a7b0714e264 rhc-debuginfo-0.2.7-7.el9_8.x86_64.rpm SHA-256: 4de868012656ccf654415837be8fecd42b9c9589d0143834547e5b18b2c63f6e rhc-debugsource-0.2.7-7.el9_8.x86_64.rpm SHA-256: 27f603881e978d883a4c0c933276cd4ab77079d76f4093f02c103efd1e5c6d35 Red Hat Enterprise Linux for IBM z Systems 9 SRPM rhc-0.2.7-7.el9_8.src.rpm SHA-256: ce91337f12398b0349c8d18397a20b5af5a47ec9dd13e96aaf43fd99ff469f52 s390x rhc-0.2.7-7.el9_8.s390x.rpm SHA-256: 89b7d13ab3db7443f1d65b08ac538f624bfa9586a4b7d167624fd807970a83f7 rhc-debuginfo-0.2.7-7.el9_8.s390x.rpm SHA-256: 003ca6df453b2305c7216166a438ba457a9429966f129d306cd1b2e08ec52af5 rhc-debugsource-0.2.7-7.el9_8.s390x.rpm SHA-256: 155205db375fdf38393300ed974b1369f9585e90f95a368aca54a4176c18e556 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 SRPM rhc-0.2.7-7.el9_8.src.rpm SHA-256: ce91337f12398b0349c8d18397a20b5af5a47ec9dd13e96aaf43fd99ff469f52 s390x rhc-0.2.7-7.el9_8.s390x.rpm SHA-256: 89b7d13ab3db7443f1d65b08ac538f624bfa9586a4b7d167624fd807970a83f7 rhc-debuginfo-0.2.7-7.el9_8.s390x.rpm SHA-256: 003ca6df453b2305c7216166a438ba457a9429966f129d306cd1b2e08ec52af5 rhc-debugsource-0.2.7-7.el9_8.s390x.rpm SHA-256: 155205db375fdf38393300ed974b1369f9585e90f95a368aca54a4176c18e556 Red Hat Enterprise Linux for Power, little endian 9 SRPM rhc-0.2.7-7.el9_8.src.rpm SHA-256: ce91337f12398b0349c8d18397a20b5af5a47ec9dd13e96aaf43fd99ff469f52 ppc64le rhc-0.2.7-7.el9_8.ppc64le.rpm SHA-256: 6fa4255cc6d793eb96423b1927bb32e229a4df942ef3d464df7dc180ec1abf44 rhc-debuginfo-0.2.7-7.el9_8.ppc64le.rpm SHA-256: 1f2ce15376a15e11d95031762972c14e51c791647068499355b01a2063e80ef3 rhc-debugsource-0.2.7-7.el9_8.ppc64le.rpm SHA-256: ea9b9507bd0bddca8a83399bffe75599249470ed370bb7957bf47cc8492e63a4 Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 SRPM rhc-0.2.7-7.el9_8.src.rpm SHA-256: ce91337f12398b0349c8d18397a20b5af5a47ec9dd13e96aaf43fd99ff469f52 ppc64le rhc-0.2.7-7.el9_8.ppc64le.rpm SHA-256: 6fa4255cc6d793eb96423b1927bb32e229a4df942ef3d464df7dc180ec1abf44 rhc-debuginfo-0.2.7-7.el9_8.ppc64le.rpm SHA-256: 1f2ce15376a15e11d95031762972c14e51c791647068499355b01a2063e80ef3 rhc-debugsource-0.2.7-7.el9_8.ppc64le.rpm SHA-256: ea9b9507bd0bddca8a83399bffe75599249470ed370bb7957bf47cc8492e63a4 Red Hat Enterprise Linux for ARM 64 9 SRPM rhc-0.2.7-7.el9_8.src.rpm SHA-256: ce91337f12398b0349c8d18397a20b5af5a47ec9dd13e96aaf43fd99ff469f52 aarch64 rhc-0.2.7-7.el9_8.aarch64.rpm SHA-256: 277638a1c8ed9c6d0f6a4dcdd433389ae3c7598a8b6f34cf9728f0a1c0942434 rhc-debuginfo-0.2.7-7.el9_8.aarch64.rpm SHA-256: 20fa7472b9847548a413a89f6b2b2f0fffd00097694c3d099b4489ca71c31a1f rhc-debugsource-0.2.7-7.el9_8.aarch64.rpm SHA-256: 572713e9327bc56268588054c6b5dc6f623e64449fdb673af75fd190ccb41a4a Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 SRPM rhc-0.2.7-7.el9_8.src.rpm SHA-256: ce91337f12398b0349c8d18397a20b5af5a47ec9dd13e96aaf43fd99ff469f52 aarch64 rhc-0.2.7-7.el9_8.aarch64.rpm SHA-256: 277638a1c8ed9c6d0f6a4dcdd433389ae3c7598a8b6f34cf9728f0a1c0942434 rhc-debuginfo-0.2.7-7.el9_8.aarch64.rpm SHA-256: 20fa7472b9847548a413a89f6b2b2f0fffd00097694c3d099b4489ca71c31a1f rhc-debugsource-0.2.7-7.el9_8.aarch64.rpm SHA-256: 572713e9327bc56268588054c6b5dc6f623e64449fdb673af75fd190ccb41a4a Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 SRPM rhc-0.2.7-7.el9_8.src.rpm SHA-256: ce91337f12398b0349c8d18397a20b5af5a47ec9dd13e96aaf43fd99ff469f52 ppc64le rhc-0.2.7-7.el9_8.ppc64le.rpm SHA-256: 6fa4255cc6d793eb96423b1927bb32e229a4df942ef3d464df7dc180ec1abf44 rhc-debuginfo-0.2.7-7.el9_8.ppc64le.rpm SHA-256: 1f2ce15376a15e11d95031762972c14e51c791647068499355b01a2063e80ef3 rhc-debugsource-0.2.7-7.el9_8.ppc64le.rpm SHA-256: ea9b9507bd0bddca8a83399bffe75599249470ed370bb7957bf47cc8492e63a4 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 SRPM rhc-0.2.7-7.el9_8.src.rpm SHA-256: ce91337f12398b0349c8d18397a20b5af5a47ec9dd13e96aaf43fd99ff469f52 x86_64 rhc-0.2.7-7.el9_8.x86_64.rpm SHA-256: f9fce3d9df753cc23468a3b20aea1dd7f92a93ebbfa2ab91cede1a7b0714e264 rhc-debuginfo-0.2.7-7.el9_8.x86_64.rpm SHA-256: 4de868012656ccf654415837be8fecd42b9c9589d0143834547e5b18b2c63f6e rhc-debugsource-0.2.7-7.el9_8.x86_64.rpm SHA-256: 27f603881e978d883a4c0c933276cd4ab77079d76f4093f02c103efd1e5c6d35 Red Hat CodeReady Linux Builder for x86_64 9 SRPM x86_64 rhc-debuginfo-0.2.7-7.el9_8.x86_64.rpm SHA-256: 4de868012656ccf654415837be8fecd42b9c9589d0143834547e5b18b2c63f6e rhc-debugsource-0.2.7-7.el9_8.x86_64.rpm SHA-256: 27f603881e978d883a4c0c933276cd4ab77079d76f4093f02c103efd1e5c6d35 rhc-devel-0.2.7-7.el9_8.x86_64.rpm SHA-256: fe70a51a3a17a91753bab6edc8cfb6d1ac65eb58c303e1c3e55ffbf96ed8b7cd Red Hat CodeReady Linux Builder for Power, little endian 9 SRPM ppc64le rhc-debuginfo-0.2.7-7.el9_8.ppc64le.rpm SHA-256: 1f2ce15376a15e11d95031762972c14e51c791647068499355b01a2063e80ef3 rhc-debugsource-0.2.7-7.el9_8.ppc64le.rpm SHA-256: ea9b9507bd0bddca8a83399bffe75599249470ed370bb7957bf47cc8492e63a4 rhc-devel-0.2.7-7.el9_8.ppc64le.rpm SHA-256: ea04a51f7ec765981b0372e66a247c795dd22bad37a12a4997c7b8225022f554 Red Hat CodeReady Linux Builder for ARM 64 9 SRPM aarch64 rhc-debuginfo-0.2.7-7.el9_8.aarch64.rpm SHA-256: 20fa7472b9847548a413a89f6b2b2f0fffd00097694c3d099b4489ca71c31a1f rhc-debugsource-0.2.7-7.el9_8.aarch64.rpm SHA-256: 572713e9327bc56268588054c6b5dc6f623e64449fdb673af75fd190ccb41a4a rhc-devel-0.2.7-7.el9_8.aarch64.rpm SHA-256: 577459a1ee9a5258386c07c729242cf1405e45236ffc3835ef4891267316888e Red Hat CodeReady Linux Builder for IBM z Systems 9 SRPM s390x rhc-debuginfo-0.2.7-7.el9_8.s3

Related Articles

INFO RHSA-2026:19353: Important: opentelemetry-collector security update Red Hat Errata INFO RHSA-2026:19719: Important: opentelemetry-collector security update Red Hat Errata INFO RHSA-2026:19721: Important: opentelemetry-collector security update Red Hat Errata INFO RHSA-2026:19720: Important: opentelemetry-collector security update Red Hat Errata
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn