Red Hat Product Errata RHSA-2026:10084 - Security Advisory Issued: 2026-04-23 Updated: 2026-04-23 RHSA-2026:10084 - Security Advisory Overview Updated Packages Synopsis Important: .NET 8.0 security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for .NET 8.0 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.125 and .NET Runtime 8.0.25.Security Fix(es): asp.net: ASP.NET Core: Denial of Service via uncontrolled resource allocation (CVE-2026-26130) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64 Red Hat Enterprise Linux Server - AUS 9.6 x86_64 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64 Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.6 x86_64 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.6 ppc64le Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.6 s390x Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.6 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6 s390x Fixes BZ - 2446134 - CVE-2026-26130 asp.net: ASP.NET Core: Denial of Service via uncontrolled resource allocation CVEs CVE-2026-26130 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 SRPM dotnet8.0-8.0.125-1.el9_6.src.rpm SHA-256: 01f932bc38bdd8690ac3100cfa77d52cccc79069de4de1a3e38baeb080627924 x86_64 aspnetcore-runtime-8.0-8.0.25-1.el9_6.x86_64.rpm SHA-256: 4686c331083bb708ef3ecd9a06c172cee2541cefed69ceb48abc1da8c3fef8ff aspnetcore-runtime-dbg-8.0-8.0.25-1.el9_6.x86_64.rpm SHA-256: 8e8cc453211fd44526e651f39a1453f69e5a8956fb73342eda88d7a08d77f349 aspnetcore-targeting-pack-8.0-8.0.25-1.el9_6.x86_64.rpm SHA-256: 3c947185ca4231dc07bbe944955b74337b02a4f9680b6140d23d42427073320e dotnet-apphost-pack-8.0-8.0.25-1.el9_6.x86_64.rpm SHA-256: 2e6df5ac93484e16bda33241225f8efe2525fa54b72255578f9ea96ec2cef8ec dotnet-apphost-pack-8.0-debuginfo-8.0.25-1.el9_6.x86_64.rpm SHA-256: ed436c9dba68260d0363dd6e6345f0a92f4b272b99787b005be98264b0adf88b dotnet-hostfxr-8.0-8.0.25-1.el9_6.x86_64.rpm SHA-256: 6738b90d61443dbf5c2463eb47788ea3aef3c173468fbff9a2e3fb070d0c64f7 dotnet-hostfxr-8.0-debuginfo-8.0.25-1.el9_6.x86_64.rpm SHA-256: 3c2c8497793a84f42621ca3660cd269b085e4156f2cbb1964425414c28820790 dotnet-runtime-8.0-8.0.25-1.el9_6.x86_64.rpm SHA-256: fec87bd3ef24861f39d439104f0f00f7606cee639fdcdffdea85491ff053e037 dotnet-runtime-8.0-debuginfo-8.0.25-1.el9_6.x86_64.rpm SHA-256: e4b1466c31587fa2971d0efe7d80693366a8d75fa276a2263047e602eded8df7 dotnet-runtime-dbg-8.0-8.0.25-1.el9_6.x86_64.rpm SHA-256: 3b7ba942479f7354186acb10d64a28e832e5eb03de7f81d7514445327adde625 dotnet-sdk-8.0-8.0.125-1.el9_6.x86_64.rpm SHA-256: 088395d592cde96bc0f05bff03d0c5727ace59b836c4b5e9b1f4201aa51a5d6e dotnet-sdk-8.0-debuginfo-8.0.125-1.el9_6.x86_64.rpm SHA-256: 2913c4d314af2f64986b91a32b428142df51ffe7d714b922ccd85248d2fe04eb dotnet-sdk-dbg-8.0-8.0.125-1.el9_6.x86_64.rpm SHA-256: 896290e369f2aca87fe6c1c5210fd6dfd239cb78b80d801320c6d7c96376d6d4 dotnet-targeting-pack-8.0-8.0.25-1.el9_6.x86_64.rpm SHA-256: 41c02a59e9d16d9d95f937f14ac4bbeea6bb9a3184a9d914cfba6ca8f3185754 dotnet-templates-8.0-8.0.125-1.el9_6.x86_64.rpm SHA-256: 365cf145be74b6a31ab74e16f508c102e657858c18d38758c5b1ebe8fa6adab3 dotnet8.0-debuginfo-8.0.125-1.el9_6.x86_64.rpm SHA-256: 194df04bc1f6eb5fdb5e473c1a9860740cdd3fc53246c53fcd37178b44848fb4 dotnet8.0-debugsource-8.0.125-1.el9_6.x86_64.rpm SHA-256: 17f146a70fa468edc24a9216e796019cc5c491d688f1ca420e22b6543a5e6cb2 Red Hat Enterprise Linux Server - AUS 9.6 SRPM dotnet8.0-8.0.125-1.el9_6.src.rpm SHA-256: 01f932bc38bdd8690ac3100cfa77d52cccc79069de4de1a3e38baeb080627924 x86_64 aspnetcore-runtime-8.0-8.0.25-1.el9_6.x86_64.rpm SHA-256: 4686c331083bb708ef3ecd9a06c172cee2541cefed69ceb48abc1da8c3fef8ff aspnetcore-runtime-dbg-8.0-8.0.25-1.el9_6.x86_64.rpm SHA-256: 8e8cc453211fd44526e651f39a1453f69e5a8956fb73342eda88d7a08d77f349 aspnetcore-targeting-pack-8.0-8.0.25-1.el9_6.x86_64.rpm SHA-256: 3c947185ca4231dc07bbe944955b74337b02a4f9680b6140d23d42427073320e dotnet-apphost-pack-8.0-8.0.25-1.el9_6.x86_64.rpm SHA-256: 2e6df5ac93484e16bda33241225f8efe2525fa54b72255578f9ea96ec2cef8ec dotnet-apphost-pack-8.0-debuginfo-8.0.25-1.el9_6.x86_64.rpm SHA-256: ed436c9dba68260d0363dd6e6345f0a92f4b272b99787b005be98264b0adf88b dotnet-hostfxr-8.0-8.0.25-1.el9_6.x86_64.rpm SHA-256: 6738b90d61443dbf5c2463eb47788ea3aef3c173468fbff9a2e3fb070d0c64f7 dotnet-hostfxr-8.0-debuginfo-8.0.25-1.el9_6.x86_64.rpm SHA-256: 3c2c8497793a84f42621ca3660cd269b085e4156f2cbb1964425414c28820790 dotnet-runtime-8.0-8.0.25-1.el9_6.x86_64.rpm SHA-256: fec87bd3ef24861f39d439104f0f00f7606cee639fdcdffdea85491ff053e037 dotnet-runtime-8.0-debuginfo-8.0.25-1.el9_6.x86_64.rpm SHA-256: e4b1466c31587fa2971d0efe7d80693366a8d75fa276a2263047e602eded8df7 dotnet-runtime-dbg-8.0-8.0.25-1.el9_6.x86_64.rpm SHA-256: 3b7ba942479f7354186acb10d64a28e832e5eb03de7f81d7514445327adde625 dotnet-sdk-8.0-8.0.125-1.el9_6.x86_64.rpm SHA-256: 088395d592cde96bc0f05bff03d0c5727ace59b836c4b5e9b1f4201aa51a5d6e dotnet-sdk-8.0-debuginfo-8.0.125-1.el9_6.x86_64.rpm SHA-256: 2913c4d314af2f64986b91a32b428142df51ffe7d714b922ccd85248d2fe04eb dotnet-sdk-dbg-8.0-8.0.125-1.el9_6.x86_64.rpm SHA-256: 896290e369f2aca87fe6c1c5210fd6dfd239cb78b80d801320c6d7c96376d6d4 dotnet-targeting-pack-8.0-8.0.25-1.el9_6.x86_64.rpm SHA-256: 41c02a59e9d16d9d95f937f14ac4bbeea6bb9a3184a9d914cfba6ca8f3185754 dotnet-templates-8.0-8.0.125-1.el9_6.x86_64.rpm SHA-256: 365cf145be74b6a31ab74e16f508c102e657858c18d38758c5b1ebe8fa6adab3 dotnet8.0-debuginfo-8.0.125-1.el9_6.x86_64.rpm SHA-256: 194df04bc1f6eb5fdb5e473c1a9860740cdd3fc53246c53fcd37178b44848fb4 dotnet8.0-debugsource-8.0.125-1.el9_6.x86_64.rpm SHA-256: 17f146a70fa468edc24a9216e796019cc5c491d688f1ca420e22b6543a5e6cb2 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 SRPM dotnet8.0-8.0.125-1.el9_6.src.rpm SHA-256: 01f932bc38bdd8690ac3100cfa77d52cccc79069de4de1a3e38baeb080627924 s390x aspnetcore-runtime-8.0-8.0.25-1.el9_6.s390x.rpm SHA-256: a9c792b7744f77ce7d1a1516c8d608dd15e761dd9f2ac348f6b8249bbb017358 aspnetcore-runtime-dbg-8.0-8.0.25-1.el9_6.s390x.rpm SHA-256: 135c9efd6c150f9860e3bb5dfa02ea603c9698d296073c3baf3037958a146ce0 aspnetcore-targeting-pack-8.0-8.0.25-1.el9_6.s390x.rpm SHA-256: 663141f491b0a5ce77505d5cf981424585d638b4b631a6592b372dbc75aa114a dotnet-apphost-pack-8.0-8.0.25-1.el9_6.s390x.rpm SHA-256: d08fa37852136103448a2bd1156c8990cd87f17f5152ece6a13af22c232d4b73 dotnet-apphost-pack-8.0-debuginfo-8.0.25-1.el9_6.s390x.rpm SHA-256: 5c54002a6524b688b837e7a3c9ccac244f9d642b07a195bd8995f488dd3acbc6 dotnet-hostfxr-8.0-8.0.25-1.el9_6.s390x.rpm SHA-256: 706855104352b4038a4ae98134e4832e5d6f0240488f2063e876aa16ca684f04 dotnet-hostfxr-8.0-debuginfo-8.0.25-1.el9_6.s390x.rpm SHA-256: efaa11c7d4b9fe46da9a23562433fd4a254831c717f3a521b5202250d42e0335 dotnet-runtime-8.0-8.0.25-1.el9_6.s390x.rpm SHA-256: 4ce52e785acf73e5e49c11d543d38c4677ac917ca38beac11b85b8ebece3e64f dotnet-runtime-8.0-debuginfo-8.0.25-1.el9_6.s390x.rpm SHA-256: 061d70f466d97a33180b8aa7ad3f30e05bcf334e5d87a342061414d78e51fa7e dotnet-runtime-dbg-8.0-8.0.25-1.el9_6.s390x.rpm SHA-256: 8dd1f6b14941053f5df36f4f82494d2da334a9d67287630944e6bd9b5bafe727 dotnet-sdk-8.0-8.0.125-1.el9_6.s390x.rpm SHA-256: db436bc623716eef00af6921b3d2616c32c74ffdd49dbec0c5d72f67bdf36abe dotnet-sdk-8.0-debuginfo-8.0.125-1.el9_6.s390x.rpm SHA-256: a79a25d622da57687ece4fe4f27ee0eff524323e8a7cf367b1a3df477a971b6c dotnet-sdk-dbg-8.0-8.0.125-1.el9_6.s390x.rpm SHA-256: c0d086375a7429a967a64b9dbea4ed5845ac08d0e7009bc6ea2d209ed3cabd7d dotnet-targeting-pack-8.0-8.0.25-1.el9_6.s390x.rpm SHA-256: f0ee687e856c9fde40d5fd78f5a6f75d61f8e138e54ce3e79bfc2b8149b1fc70 dotnet-templates-8.0-8.0.125-1.el9_6.s390x.rpm SHA-256: 00038c5b06478c302ec63b6a498b8b1e59702df06880ec4057fad9a33f0f359e dotnet8.0-debuginfo-8.0.125-1.el9_6.s390x.rpm SHA-256: 0d16c5c453ba7fbdd0399dc92246790de2a2b131a6329743bb816ccb05c7c40d dotnet8.0-debugsource-8.0.125-1.el9_6.s390x.rpm SHA-256: 86bb03040d69c7a38a38271ee4b12e1b42637fe857672c6ea133a71