Red Hat Product Errata RHSA-2026:13854 - Security Advisory Issued: 2026-05-05 Updated: 2026-05-05 RHSA-2026:13854 - Security Advisory Overview Updated Packages Synopsis Important: LibRaw security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for LibRaw is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description LibRaw is a library for reading RAW files obtained from digital photo cameras (CRW/CR2, NEF, RAF, DNG, and others). Security Fix(es): LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file (CVE-2026-24450) LibRaw: LibRaw: Arbitrary code execution via heap-based buffer overflow in lossless JPEG loading (CVE-2026-21413) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64 Red Hat Enterprise Linux Server - AUS 9.6 x86_64 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64 Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.6 x86_64 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.6 ppc64le Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6 s390x Fixes BZ - 2455925 - CVE-2026-24450 LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file BZ - 2455929 - CVE-2026-21413 LibRaw: LibRaw: Arbitrary code execution via heap-based buffer overflow in lossless JPEG loading CVEs CVE-2026-21413 CVE-2026-24450 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 SRPM LibRaw-0.21.1-2.el9_6.src.rpm SHA-256: 5aa3a73f6aa43f98c45ab1bdcc684f2068d6d344f68041091a23ca75bcb3abbd x86_64 LibRaw-0.21.1-2.el9_6.i686.rpm SHA-256: f1a87d03a4b138c0c8e620f45b20d632e028cfd11136def550a92561281dfa28 LibRaw-0.21.1-2.el9_6.x86_64.rpm SHA-256: e84017d570a2e3adbbd9b640b35065107c722d59a964a6501f0087702ce1b45b LibRaw-debuginfo-0.21.1-2.el9_6.i686.rpm SHA-256: ceddd7c609b368d2aba6bcd654dad20c2dd98bbd751786c97e006089216b53c0 LibRaw-debuginfo-0.21.1-2.el9_6.x86_64.rpm SHA-256: e0e877e39a9e6e3aec931e6d81893b1b097105b5ec5f7c3f760a5ee58d4419c4 LibRaw-debugsource-0.21.1-2.el9_6.i686.rpm SHA-256: 61595e6503165b8a686194fab9e22823deb5ed79046ecc0b1e8d272ba90eb546 LibRaw-debugsource-0.21.1-2.el9_6.x86_64.rpm SHA-256: 2f301654588f5107ee54c146b031d0539daa79f7c95abddc7a653f4d68e71dd8 LibRaw-samples-debuginfo-0.21.1-2.el9_6.i686.rpm SHA-256: f7847a43e586f0a82fede8af6fee20efacd6cd2e29b783f62672abdf3b07f2ff LibRaw-samples-debuginfo-0.21.1-2.el9_6.x86_64.rpm SHA-256: 609686489cb3ec48eb71736cb88f995af7e0d5929db39d6183d07557770590b2 Red Hat Enterprise Linux Server - AUS 9.6 SRPM LibRaw-0.21.1-2.el9_6.src.rpm SHA-256: 5aa3a73f6aa43f98c45ab1bdcc684f2068d6d344f68041091a23ca75bcb3abbd x86_64 LibRaw-0.21.1-2.el9_6.i686.rpm SHA-256: f1a87d03a4b138c0c8e620f45b20d632e028cfd11136def550a92561281dfa28 LibRaw-0.21.1-2.el9_6.x86_64.rpm SHA-256: e84017d570a2e3adbbd9b640b35065107c722d59a964a6501f0087702ce1b45b LibRaw-debuginfo-0.21.1-2.el9_6.i686.rpm SHA-256: ceddd7c609b368d2aba6bcd654dad20c2dd98bbd751786c97e006089216b53c0 LibRaw-debuginfo-0.21.1-2.el9_6.x86_64.rpm SHA-256: e0e877e39a9e6e3aec931e6d81893b1b097105b5ec5f7c3f760a5ee58d4419c4 LibRaw-debugsource-0.21.1-2.el9_6.i686.rpm SHA-256: 61595e6503165b8a686194fab9e22823deb5ed79046ecc0b1e8d272ba90eb546 LibRaw-debugsource-0.21.1-2.el9_6.x86_64.rpm SHA-256: 2f301654588f5107ee54c146b031d0539daa79f7c95abddc7a653f4d68e71dd8 LibRaw-samples-debuginfo-0.21.1-2.el9_6.i686.rpm SHA-256: f7847a43e586f0a82fede8af6fee20efacd6cd2e29b783f62672abdf3b07f2ff LibRaw-samples-debuginfo-0.21.1-2.el9_6.x86_64.rpm SHA-256: 609686489cb3ec48eb71736cb88f995af7e0d5929db39d6183d07557770590b2 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 SRPM LibRaw-0.21.1-2.el9_6.src.rpm SHA-256: 5aa3a73f6aa43f98c45ab1bdcc684f2068d6d344f68041091a23ca75bcb3abbd s390x LibRaw-0.21.1-2.el9_6.s390x.rpm SHA-256: 803ee6355c3a4a968290dac28123db4a9f999358a34df2474964254c199be9a4 LibRaw-debuginfo-0.21.1-2.el9_6.s390x.rpm SHA-256: 11ef8f992a037bced1f734e65895ad51a0c67df133d569743a0c304027e8453a LibRaw-debugsource-0.21.1-2.el9_6.s390x.rpm SHA-256: 86af249a94a0110d4e082c94ee0a993bf7a8e10ded1aded4277994d6bdb07280 LibRaw-samples-debuginfo-0.21.1-2.el9_6.s390x.rpm SHA-256: e39075b969f9eea68292b5766cee18ef966328a2ca5c0f071e22a1cdd7af0646 Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 SRPM LibRaw-0.21.1-2.el9_6.src.rpm SHA-256: 5aa3a73f6aa43f98c45ab1bdcc684f2068d6d344f68041091a23ca75bcb3abbd ppc64le LibRaw-0.21.1-2.el9_6.ppc64le.rpm SHA-256: ccf65fa9f5b078b97ea5d1dee18f599d18826bba4840f8c634c470e753887b77 LibRaw-debuginfo-0.21.1-2.el9_6.ppc64le.rpm SHA-256: c9d8b04d19bbd37ddd38f7b1466af2e7220ad6727fec0bb8911071ae7d254155 LibRaw-debugsource-0.21.1-2.el9_6.ppc64le.rpm SHA-256: 154d154eb62be6881a9a1231eb6ca446608f2dbbf1e209017c408f3e05888545 LibRaw-samples-debuginfo-0.21.1-2.el9_6.ppc64le.rpm SHA-256: 5f8642800688d21b3da4bd7f14bd3188da77df438ab8dfa20bd7b628005bdfe1 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 SRPM LibRaw-0.21.1-2.el9_6.src.rpm SHA-256: 5aa3a73f6aa43f98c45ab1bdcc684f2068d6d344f68041091a23ca75bcb3abbd aarch64 LibRaw-0.21.1-2.el9_6.aarch64.rpm SHA-256: ea004e7229ea1696878402796b69a92f420c5c5748f5e2d8365b9cb502f666d4 LibRaw-debuginfo-0.21.1-2.el9_6.aarch64.rpm SHA-256: a678d6171a86e4755b2ec36b5aa042ca5b83ca076052cec0a81957183e9f58cd LibRaw-debugsource-0.21.1-2.el9_6.aarch64.rpm SHA-256: 0f02769158f3548cfbbbc95849f147281570c909b13da9889a446af051235296 LibRaw-samples-debuginfo-0.21.1-2.el9_6.aarch64.rpm SHA-256: 1ec4f47898594bc595e8caf010af647fb1c132feb8df6a52a5aae5c9d53e1de4 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 SRPM LibRaw-0.21.1-2.el9_6.src.rpm SHA-256: 5aa3a73f6aa43f98c45ab1bdcc684f2068d6d344f68041091a23ca75bcb3abbd ppc64le LibRaw-0.21.1-2.el9_6.ppc64le.rpm SHA-256: ccf65fa9f5b078b97ea5d1dee18f599d18826bba4840f8c634c470e753887b77 LibRaw-debuginfo-0.21.1-2.el9_6.ppc64le.rpm SHA-256: c9d8b04d19bbd37ddd38f7b1466af2e7220ad6727fec0bb8911071ae7d254155 LibRaw-debugsource-0.21.1-2.el9_6.ppc64le.rpm SHA-256: 154d154eb62be6881a9a1231eb6ca446608f2dbbf1e209017c408f3e05888545 LibRaw-samples-debuginfo-0.21.1-2.el9_6.ppc64le.rpm SHA-256: 5f8642800688d21b3da4bd7f14bd3188da77df438ab8dfa20bd7b628005bdfe1 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 SRPM LibRaw-0.21.1-2.el9_6.src.rpm SHA-256: 5aa3a73f6aa43f98c45ab1bdcc684f2068d6d344f68041091a23ca75bcb3abbd x86_64 LibRaw-0.21.1-2.el9_6.i686.rpm SHA-256: f1a87d03a4b138c0c8e620f45b20d632e028cfd11136def550a92561281dfa28 LibRaw-0.21.1-2.el9_6.x86_64.rpm SHA-256: e84017d570a2e3adbbd9b640b35065107c722d59a964a6501f0087702ce1b45b LibRaw-debuginfo-0.21.1-2.el9_6.i686.rpm SHA-256: ceddd7c609b368d2aba6bcd654dad20c2dd98bbd751786c97e006089216b53c0 LibRaw-debuginfo-0.21.1-2.el9_6.x86_64.rpm SHA-256: e0e877e39a9e6e3aec931e6d81893b1b097105b5ec5f7c3f760a5ee58d4419c4 LibRaw-debugsource-0.21.1-2.el9_6.i686.rpm SHA-256: 61595e6503165b8a686194fab9e22823deb5ed79046ecc0b1e8d272ba90eb546 LibRaw-debugsource-0.21.1-2.el9_6.x86_64.rpm SHA-256: 2f301654588f5107ee54c146b031d0539daa79f7c95abddc7a653f4d68e71dd8 LibRaw-samples-debuginfo-0.21.1-2.el9_6.i686.rpm SHA-256: f7847a43e586f0a82fede8af6fee20efacd6cd2e29b783f62672abdf3b07f2ff LibRaw-samples-debuginfo-0.21.1-2.el9_6.x86_64.rpm SHA-256: 609686489cb3ec48eb71736cb88f995af7e0d5929db39d6183d07557770590b2 Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.6 SRPM x86_64 LibRaw-debuginfo-0.21.1-2.el9_6.i686.rpm SHA-256: ceddd7c609b368d2aba6bcd654dad20c2dd98bbd751786c97e006089216b53c0 LibRaw-debuginfo-0.21.1-2.el9_6.x86_64.rpm SHA-256: e0e877e39a9e6e3aec931e6d81893b1b097105b5ec5f7c3f760a5ee58d4419c4 LibRaw-debugsource-0.21.1-2.el9_6.i686.rpm SHA-256: 61595e6503165b8a686194fab9e22823deb5ed79046ecc0b1e8d272ba90eb546 LibRaw-debugsource-0.21.1-2.el9_6.x86_64.rpm SHA-256: 2f301654588f5107ee54c146b031d0539daa79f7c95abddc7a653f4d68e71dd8 LibRaw-devel-0.21.1-2.el9_6.i686.rpm SHA-256: 9426b0413a46aafb06cfdfae2c7d21b80cbfa3c2e8ef4367d68359a72b6321bb LibRaw-devel-0.21.1-2.el9_6.x86_64.rpm SHA-256: ebf9f64efc9b3f7d8f9d8e5b5a0fb40d7b22ee5066d80f86a4bc7501f5474ee5 LibRaw-samples-debuginfo-0.21.1-2.el9_6.i686.rpm SHA-256: f7847a43e586f0a82fede8af6fee20efacd6cd2e29b783f62672abdf3b07f2ff LibRaw-samples-debuginfo-0.21.1-2.el9_6.x86_64.rpm SHA-256: 6096864