Red Hat Product Errata RHSA-2026:25216 - Security Advisory Issued: 2026-06-11 Updated: 2026-06-11 RHSA-2026:25216 - Security Advisory Overview Updated Packages Synopsis Important: valkey security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for valkey is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Valkey works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log. Valkey also supports trivial-to-setup master-slave replication, with very fast non-blocking first synchronization, auto-reconnection on net split and so forth. Other features include Transactions, Pub/Sub, Lua scripting, Keys with a limited time-to-live, and configuration settings to make Valkey behave like a cache. You can use Valkey from most programming languages also. Security Fix(es): redis: use-after-free in unblock client flow may allow remote code execution (CVE-2026-23479) redis: Remote code execution via use-after-free in Lua scripting (CVE-2026-23631) redis: RESTORE invalid memory access may allow remote code execution (CVE-2026-25243) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 10 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 x86_64 Red Hat Enterprise Linux for IBM z Systems 10 s390x Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2 s390x Red Hat Enterprise Linux for Power, little endian 10 ppc64le Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2 ppc64le Red Hat Enterprise Linux for ARM 64 10 aarch64 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.2 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.2 s390x Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.2 ppc64le Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.2 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 10.2 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 10.2 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 10.2 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 10.2 s390x Fixes BZ - 2466780 - CVE-2026-23479 redis: use-after-free in unblock client flow may allow remote code execution BZ - 2466788 - CVE-2026-23631 redis: Remote code execution via use-after-free in Lua scripting BZ - 2466828 - CVE-2026-25243 redis: RESTORE invalid memory access may allow remote code execution CVEs CVE-2026-23479 CVE-2026-23631 CVE-2026-25243 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 10 SRPM valkey-8.0.9-1.el10_2.src.rpm SHA-256: badb95b25d811296a0a74d7ddc405ea6206e1dba52714e2baa14289c0691aa34 x86_64 valkey-8.0.9-1.el10_2.x86_64.rpm SHA-256: e3e437c14b0301e7f55715eb13bba09c8ac67a7f54e8e3fb8b842bc066b73da2 valkey-debuginfo-8.0.9-1.el10_2.x86_64.rpm SHA-256: 321f9e739de6ec14cb7604deeb5b97a6a75c7645cacf0a3c056b18b0bd8bbdbb valkey-debugsource-8.0.9-1.el10_2.x86_64.rpm SHA-256: ae6b2c162a9e7620e1dbfc2acebc1dfa71fc061536e912a3bb678d37d4121566 valkey-devel-8.0.9-1.el10_2.x86_64.rpm SHA-256: 228bc0f1376237caf10dbd0a898e5566151f033910932af36fa808eebedc8346 Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 SRPM valkey-8.0.9-1.el10_2.src.rpm SHA-256: badb95b25d811296a0a74d7ddc405ea6206e1dba52714e2baa14289c0691aa34 x86_64 valkey-8.0.9-1.el10_2.x86_64.rpm SHA-256: e3e437c14b0301e7f55715eb13bba09c8ac67a7f54e8e3fb8b842bc066b73da2 valkey-debuginfo-8.0.9-1.el10_2.x86_64.rpm SHA-256: 321f9e739de6ec14cb7604deeb5b97a6a75c7645cacf0a3c056b18b0bd8bbdbb valkey-debugsource-8.0.9-1.el10_2.x86_64.rpm SHA-256: ae6b2c162a9e7620e1dbfc2acebc1dfa71fc061536e912a3bb678d37d4121566 valkey-devel-8.0.9-1.el10_2.x86_64.rpm SHA-256: 228bc0f1376237caf10dbd0a898e5566151f033910932af36fa808eebedc8346 Red Hat Enterprise Linux for IBM z Systems 10 SRPM valkey-8.0.9-1.el10_2.src.rpm SHA-256: badb95b25d811296a0a74d7ddc405ea6206e1dba52714e2baa14289c0691aa34 s390x valkey-8.0.9-1.el10_2.s390x.rpm SHA-256: d3ca1c9fa98e965d1f5879e90c76395db57c6f8c1b9e2cd200436ad781f2296d valkey-debuginfo-8.0.9-1.el10_2.s390x.rpm SHA-256: ce0336e34411c5de80e4d5f1ce02add99de9fa03609efa08b31a57f217c3f36f valkey-debugsource-8.0.9-1.el10_2.s390x.rpm SHA-256: ea3584b6e22c256ea65b8a614bcdccdf6c514ceddd84c22e293c3cff26bd573a valkey-devel-8.0.9-1.el10_2.s390x.rpm SHA-256: 97f37e6de817fece5c53884c3d794a4aaed3e531a662c2079bb5719a3a18e0b4 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2 SRPM valkey-8.0.9-1.el10_2.src.rpm SHA-256: badb95b25d811296a0a74d7ddc405ea6206e1dba52714e2baa14289c0691aa34 s390x valkey-8.0.9-1.el10_2.s390x.rpm SHA-256: d3ca1c9fa98e965d1f5879e90c76395db57c6f8c1b9e2cd200436ad781f2296d valkey-debuginfo-8.0.9-1.el10_2.s390x.rpm SHA-256: ce0336e34411c5de80e4d5f1ce02add99de9fa03609efa08b31a57f217c3f36f valkey-debugsource-8.0.9-1.el10_2.s390x.rpm SHA-256: ea3584b6e22c256ea65b8a614bcdccdf6c514ceddd84c22e293c3cff26bd573a valkey-devel-8.0.9-1.el10_2.s390x.rpm SHA-256: 97f37e6de817fece5c53884c3d794a4aaed3e531a662c2079bb5719a3a18e0b4 Red Hat Enterprise Linux for Power, little endian 10 SRPM valkey-8.0.9-1.el10_2.src.rpm SHA-256: badb95b25d811296a0a74d7ddc405ea6206e1dba52714e2baa14289c0691aa34 ppc64le valkey-8.0.9-1.el10_2.ppc64le.rpm SHA-256: 1543edaa8ace1694703dccc9596e005c52c261f011290afe3d302073957c35a5 valkey-debuginfo-8.0.9-1.el10_2.ppc64le.rpm SHA-256: 95ac6576a6e26b66ac0ae91b6ee9c667ae183df8ec6cc8be8481339acff188aa valkey-debugsource-8.0.9-1.el10_2.ppc64le.rpm SHA-256: 0c882f7de1be1445223eb447b78f384a08c2d5f6ce9637a83c452f4e12ff488a valkey-devel-8.0.9-1.el10_2.ppc64le.rpm SHA-256: dc863fd0810ecf5529777b1202f9b1dfca2a3c64c715280fd5c2c06892c68f34 Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2 SRPM valkey-8.0.9-1.el10_2.src.rpm SHA-256: badb95b25d811296a0a74d7ddc405ea6206e1dba52714e2baa14289c0691aa34 ppc64le valkey-8.0.9-1.el10_2.ppc64le.rpm SHA-256: 1543edaa8ace1694703dccc9596e005c52c261f011290afe3d302073957c35a5 valkey-debuginfo-8.0.9-1.el10_2.ppc64le.rpm SHA-256: 95ac6576a6e26b66ac0ae91b6ee9c667ae183df8ec6cc8be8481339acff188aa valkey-debugsource-8.0.9-1.el10_2.ppc64le.rpm SHA-256: 0c882f7de1be1445223eb447b78f384a08c2d5f6ce9637a83c452f4e12ff488a valkey-devel-8.0.9-1.el10_2.ppc64le.rpm SHA-256: dc863fd0810ecf5529777b1202f9b1dfca2a3c64c715280fd5c2c06892c68f34 Red Hat Enterprise Linux for ARM 64 10 SRPM valkey-8.0.9-1.el10_2.src.rpm SHA-256: badb95b25d811296a0a74d7ddc405ea6206e1dba52714e2baa14289c0691aa34 aarch64 valkey-8.0.9-1.el10_2.aarch64.rpm SHA-256: d3bbe98fcdf8e364e72500779d004127445d628a8c4521d5b4ab2b997c26bd06 valkey-debuginfo-8.0.9-1.el10_2.aarch64.rpm SHA-256: 6d12c597b20e8ef76881dbfc1b7efd5d17c3a8daf3876f95f60b09602acd6807 valkey-debugsource-8.0.9-1.el10_2.aarch64.rpm SHA-256: aee7f0d587c87cab56475d30945069eae34159f8218466a853d90679efd47870 valkey-devel-8.0.9-1.el10_2.aarch64.rpm SHA-256: 70005d75ba673772cec40c8bb4bc6f493622bd69583802594192d5be341b5166 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2 SRPM valkey-8.0.9-1.el10_2.src.rpm SHA-256: badb95b25d811296a0a74d7ddc405ea6206e1dba52714e2baa14289c0691aa34 aarch64 valkey-8.0.9-1.el10_2.aarch64.rpm SHA-256: d3bbe98fcdf8e364e72500779d004127445d628a8c4521d5b4ab2b997c26bd06 valkey-debuginfo-8.0.9-1.el10_2.aarch64.rpm SHA-256: 6d12c597b20e8ef76881dbfc1b7efd5d17c3a8daf3876f95f60b09602acd6807 valkey-debugsource-8.0.9-1.el10_2.aarch64.rpm SHA-256: aee7f0d587c87cab56475d30945069eae34159f8218466a853d90679efd47870 valkey-devel-8.0.9-1.el10_2.aarch64.rpm SHA-256: 70005d75ba673772cec40c8bb4bc6f493622bd69583802594192d5be341b5166 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.2 SRPM valkey-8.0.9-1.el10_2.src.rpm SHA-256: badb95b25d811296a0a74d7ddc405ea6206e1dba52714e2baa14289c0691aa34 aarch64 valkey-8.0.9-1.el10_2.aarch64.rpm SHA-256: d3bbe98fcdf8e364e72500779d004127445d628a8c4521d5b4ab2b997c26bd06 valkey-debuginfo-8.0.9-1.el10_2.aarch64.rpm SHA-256: 6d12c597b20e8ef76881dbfc1b7efd5d17c3a8daf3876f95f60b09602acd6807 valkey-debugsource-8.0.9-1.el10_2.aarch64.rpm SHA-256: aee7f0d587c87cab56475d30945069eae34159f8218466a853d90679efd47870 valkey-devel-8.0.9-1.el10_2.aarch64.rpm SHA-256: 70005d75ba673772cec40c8bb4bc6f493622bd69583802594192d5be341b5166 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.2 SRPM valkey-8.0.9-1.el10_2.src.rpm SHA-256: badb95b25d811296a0a74d7ddc405ea6206e1dba52714e2baa14289c0691aa34 s390x valkey-8.0.9-1.el10_2.s390x.rpm SHA-256: d3ca1c9fa98e965d1f5879e90c76395db57c6f8c1b9e2cd20043