Red Hat Product Errata RHSA-2026:8870 - Security Advisory Issued: 2026-04-20 Updated: 2026-04-20 RHSA-2026:8870 - Security Advisory Overview Updated Packages Synopsis Important: openexr security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for openexr is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fix(es): openexr: OpenEXR: Arbitrary code execution via integer overflow in EXR file processing (CVE-2026-27622) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 s390x Fixes BZ - 2444251 - CVE-2026-27622 openexr: OpenEXR: Arbitrary code execution via integer overflow in EXR file processing CVEs CVE-2026-27622 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 SRPM openexr-3.1.1-2.el9_0.2.src.rpm SHA-256: eed0169b6e2eb5d04cd54353778c280f69c3a07aeb73f10cf0a55ab028d893cc ppc64le openexr-3.1.1-2.el9_0.2.ppc64le.rpm SHA-256: 084b2e5fc32cb44bbc7bcf623b88b863de47c7961c4f3bae71b3c15b08159931 openexr-debuginfo-3.1.1-2.el9_0.2.ppc64le.rpm SHA-256: a91f972885436ed7af2ad8d277da995c64f03673e16904929869301764c60418 openexr-debugsource-3.1.1-2.el9_0.2.ppc64le.rpm SHA-256: 9e9374640b9ac9c0c5b2f864cb1a62f72611d087a81e225b9d7dca221e0d2d51 openexr-libs-3.1.1-2.el9_0.2.ppc64le.rpm SHA-256: 61a813b46bcd7890484d4a3897c94fa7157d887d23186abee48f3cf0e02aaf4b openexr-libs-debuginfo-3.1.1-2.el9_0.2.ppc64le.rpm SHA-256: d638b1930bd269db106778b1e0d2c93bf9bbca9032e70e8c404e783cd8997fb9 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 SRPM openexr-3.1.1-2.el9_0.2.src.rpm SHA-256: eed0169b6e2eb5d04cd54353778c280f69c3a07aeb73f10cf0a55ab028d893cc x86_64 openexr-3.1.1-2.el9_0.2.x86_64.rpm SHA-256: 5028be6c77814006482ad23511b8aa985cad9b0d3e10b2ad8c62635cffa4eb20 openexr-debuginfo-3.1.1-2.el9_0.2.i686.rpm SHA-256: ab2f7e45d65c499ded122058cb79f8f08d14793ee27f000274652c3cb77420fd openexr-debuginfo-3.1.1-2.el9_0.2.x86_64.rpm SHA-256: 304bbd3f37e0baddce0b5cda682991154426ee41fb67d9c1ba287290acbc1bf8 openexr-debugsource-3.1.1-2.el9_0.2.i686.rpm SHA-256: 94b474df4985b34ac5305e4ceb185a845930ee93d472a6a985ad0e4e665ca696 openexr-debugsource-3.1.1-2.el9_0.2.x86_64.rpm SHA-256: 6979d73c596321ab725c8523dddf225b5856090c844e446b81c50563bb65127f openexr-libs-3.1.1-2.el9_0.2.i686.rpm SHA-256: cd8240b5070d31fcc6c88a14563f174c192da6269c684baaa8661d6bda48cdfb openexr-libs-3.1.1-2.el9_0.2.x86_64.rpm SHA-256: 729bbdbd4fb33ba9b23be34be20da364361cc9f1e0bcab9d034cd303fe897efd openexr-libs-debuginfo-3.1.1-2.el9_0.2.i686.rpm SHA-256: 1809e310d65114377538a0a4efba26c69e2cf5f60949b5f2242bcdc7e11c35ea openexr-libs-debuginfo-3.1.1-2.el9_0.2.x86_64.rpm SHA-256: 7c677cd7fb979c61e28aec5175f44746c6c22bdbf17d7319e24c4c5f102002cf Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 SRPM openexr-3.1.1-2.el9_0.2.src.rpm SHA-256: eed0169b6e2eb5d04cd54353778c280f69c3a07aeb73f10cf0a55ab028d893cc aarch64 openexr-3.1.1-2.el9_0.2.aarch64.rpm SHA-256: 456664e0922f81d91d2cc50922b5bcfcdd6ee931750c7f82bb8ac5789e654f51 openexr-debuginfo-3.1.1-2.el9_0.2.aarch64.rpm SHA-256: 5922cf54bda974fa1eed70de2b47a8c00ce00be69f6f1f2a35253d3f6a7cf8c2 openexr-debugsource-3.1.1-2.el9_0.2.aarch64.rpm SHA-256: 7ba90e83bde7de0dc7570369e0a817dfbc1374528f49a3fa124d355562d068da openexr-libs-3.1.1-2.el9_0.2.aarch64.rpm SHA-256: add26a3fbfa728afbea1782de6dbe682bdf281aee106df02d2aa7ac2b97e90a7 openexr-libs-debuginfo-3.1.1-2.el9_0.2.aarch64.rpm SHA-256: 60f2088c1c9325447d38c1788f574d6b3332226502c389d54c1ba18daf851a21 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 SRPM openexr-3.1.1-2.el9_0.2.src.rpm SHA-256: eed0169b6e2eb5d04cd54353778c280f69c3a07aeb73f10cf0a55ab028d893cc s390x openexr-3.1.1-2.el9_0.2.s390x.rpm SHA-256: 6ab38e2d1f122db1c1d5bc88aa800df128aef51f148394fc960ceb4d23d81eff openexr-debuginfo-3.1.1-2.el9_0.2.s390x.rpm SHA-256: d2cdba66a412fcf707acbdd113cdc907bc54fa90f9617bc2ffa4781f7a4cbc27 openexr-debugsource-3.1.1-2.el9_0.2.s390x.rpm SHA-256: c2d6539717e609fcf5c10b14326b8349ddf4df3855abd02cffb2f955a116635a openexr-libs-3.1.1-2.el9_0.2.s390x.rpm SHA-256: 752bd3d933d0c1d1517d53ba425c3afb311724e31f5d21a507f2dfcbd9950505 openexr-libs-debuginfo-3.1.1-2.el9_0.2.s390x.rpm SHA-256: d1bb01da8fb2c7bfc61ebab1ae30f2672b101b781f01edbf3fc2f4e5028d1638 The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .