Red Hat Product Errata RHSA-2026:13868 - Security Advisory Issued: 2026-05-05 Updated: 2026-05-05 RHSA-2026:13868 - Security Advisory Overview Updated Packages Synopsis Important: LibRaw security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for LibRaw is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description LibRaw is a library for reading RAW files obtained from digital photo cameras (CRW/CR2, NEF, RAF, DNG, and others). Security Fix(es): LibRaw: LibRaw: Arbitrary code execution via heap-based buffer overflow in lossless JPEG loading (CVE-2026-21413) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux Server - AUS 9.2 x86_64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.2 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.2 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.2 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.2 s390x Fixes BZ - 2455929 - CVE-2026-21413 LibRaw: LibRaw: Arbitrary code execution via heap-based buffer overflow in lossless JPEG loading CVEs CVE-2026-21413 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Server - AUS 9.2 SRPM LibRaw-0.20.2-6.el9_2.src.rpm SHA-256: 87c5a4551e8cf8416cb8aee62bc6ddea68ce55b171f4ec6359a677f88ab7774d x86_64 LibRaw-0.20.2-6.el9_2.i686.rpm SHA-256: b4371904c5e694a4f69a91bf7758edb629035dbcbb5f601779d1c2436baae3c8 LibRaw-0.20.2-6.el9_2.x86_64.rpm SHA-256: a049cd1b08042720dd00d49d7dbc8b5735d958ad74a2e64a08eed88e35928470 LibRaw-debuginfo-0.20.2-6.el9_2.i686.rpm SHA-256: d1bf42712eab15c4140cb4b1b123165ab0365eec2c8e2abf6d4a65ae598016a1 LibRaw-debuginfo-0.20.2-6.el9_2.x86_64.rpm SHA-256: 8e636f2356238bd75b11faf5b1d5d4764581099963c81a5c179f7afd41c13c63 LibRaw-debugsource-0.20.2-6.el9_2.i686.rpm SHA-256: dfe9be495dd5dee8c97d88a88e3bdec0be24bf3eddbc6b3fcf9ae55e703102b2 LibRaw-debugsource-0.20.2-6.el9_2.x86_64.rpm SHA-256: be8b80791061a9cc6e54cc5bebdf4f3d2d7c785a81db5bf5107f4fc421aed75c LibRaw-samples-debuginfo-0.20.2-6.el9_2.i686.rpm SHA-256: a971085a4b29a74f7bf838b22971e120301907413474a0afa62c9f8cc5ceb019 LibRaw-samples-debuginfo-0.20.2-6.el9_2.x86_64.rpm SHA-256: 2ff41bf43a37bd89fab5338f0f9e4b9eeff1c176a47142af7df35b767f343189 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 SRPM LibRaw-0.20.2-6.el9_2.src.rpm SHA-256: 87c5a4551e8cf8416cb8aee62bc6ddea68ce55b171f4ec6359a677f88ab7774d ppc64le LibRaw-0.20.2-6.el9_2.ppc64le.rpm SHA-256: ae703cfef14b938be955de202ba65fec866db4ffa2455de0ace5e72b04a06980 LibRaw-debuginfo-0.20.2-6.el9_2.ppc64le.rpm SHA-256: 36cc90bf1f749729ac6db3a8256b22f18410dfb6be6f20bcd928d9a3fb153f00 LibRaw-debugsource-0.20.2-6.el9_2.ppc64le.rpm SHA-256: 208fcdc41e264c484d0123c7b8eb3922d7d9002d4334469998fed3d2c52809b1 LibRaw-samples-debuginfo-0.20.2-6.el9_2.ppc64le.rpm SHA-256: fc7414ddeb397a5b4000cfa2684a0a82ebd025b6f88991f91f17ee2682495a11 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 SRPM LibRaw-0.20.2-6.el9_2.src.rpm SHA-256: 87c5a4551e8cf8416cb8aee62bc6ddea68ce55b171f4ec6359a677f88ab7774d x86_64 LibRaw-0.20.2-6.el9_2.i686.rpm SHA-256: b4371904c5e694a4f69a91bf7758edb629035dbcbb5f601779d1c2436baae3c8 LibRaw-0.20.2-6.el9_2.x86_64.rpm SHA-256: a049cd1b08042720dd00d49d7dbc8b5735d958ad74a2e64a08eed88e35928470 LibRaw-debuginfo-0.20.2-6.el9_2.i686.rpm SHA-256: d1bf42712eab15c4140cb4b1b123165ab0365eec2c8e2abf6d4a65ae598016a1 LibRaw-debuginfo-0.20.2-6.el9_2.x86_64.rpm SHA-256: 8e636f2356238bd75b11faf5b1d5d4764581099963c81a5c179f7afd41c13c63 LibRaw-debugsource-0.20.2-6.el9_2.i686.rpm SHA-256: dfe9be495dd5dee8c97d88a88e3bdec0be24bf3eddbc6b3fcf9ae55e703102b2 LibRaw-debugsource-0.20.2-6.el9_2.x86_64.rpm SHA-256: be8b80791061a9cc6e54cc5bebdf4f3d2d7c785a81db5bf5107f4fc421aed75c LibRaw-samples-debuginfo-0.20.2-6.el9_2.i686.rpm SHA-256: a971085a4b29a74f7bf838b22971e120301907413474a0afa62c9f8cc5ceb019 LibRaw-samples-debuginfo-0.20.2-6.el9_2.x86_64.rpm SHA-256: 2ff41bf43a37bd89fab5338f0f9e4b9eeff1c176a47142af7df35b767f343189 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 SRPM LibRaw-0.20.2-6.el9_2.src.rpm SHA-256: 87c5a4551e8cf8416cb8aee62bc6ddea68ce55b171f4ec6359a677f88ab7774d aarch64 LibRaw-0.20.2-6.el9_2.aarch64.rpm SHA-256: 789aa902d00cd8be163d1116114024db0bc080dc65e350004f8e085e6638634b LibRaw-debuginfo-0.20.2-6.el9_2.aarch64.rpm SHA-256: 0124eed362b8e597339951a32b7b1059676c7a7579a276a217a059f046e1edd4 LibRaw-debugsource-0.20.2-6.el9_2.aarch64.rpm SHA-256: 7003d68be2694aff5ee5eac88ea316efb0e01a5d02e312976f95489569e4b0e9 LibRaw-samples-debuginfo-0.20.2-6.el9_2.aarch64.rpm SHA-256: c2a0dcb29c2e1e58f7652136de739b65569327cde9a6296ffbca2474a1e49b7a Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 SRPM LibRaw-0.20.2-6.el9_2.src.rpm SHA-256: 87c5a4551e8cf8416cb8aee62bc6ddea68ce55b171f4ec6359a677f88ab7774d s390x LibRaw-0.20.2-6.el9_2.s390x.rpm SHA-256: 6212445dc40e521dc9ff2ff19c39a5be04e9066c8e82e12704b4c0176da9894d LibRaw-debuginfo-0.20.2-6.el9_2.s390x.rpm SHA-256: 82a3542c0fbe56a279e543caa0a5831a8cbcbdca934fbe284430e24f5bfd48fd LibRaw-debugsource-0.20.2-6.el9_2.s390x.rpm SHA-256: d2377baefc320e1ae004e823aefc70c154dcd29fabde2faea4e784616a0e155a LibRaw-samples-debuginfo-0.20.2-6.el9_2.s390x.rpm SHA-256: 5fc11ac27f22f0f6f49819b7b26c2537a8b464ec89527187c9c79e8beedc71fe Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.2 SRPM LibRaw-0.20.2-6.el9_2.src.rpm SHA-256: 87c5a4551e8cf8416cb8aee62bc6ddea68ce55b171f4ec6359a677f88ab7774d x86_64 LibRaw-0.20.2-6.el9_2.i686.rpm SHA-256: b4371904c5e694a4f69a91bf7758edb629035dbcbb5f601779d1c2436baae3c8 LibRaw-0.20.2-6.el9_2.x86_64.rpm SHA-256: a049cd1b08042720dd00d49d7dbc8b5735d958ad74a2e64a08eed88e35928470 LibRaw-debuginfo-0.20.2-6.el9_2.i686.rpm SHA-256: d1bf42712eab15c4140cb4b1b123165ab0365eec2c8e2abf6d4a65ae598016a1 LibRaw-debuginfo-0.20.2-6.el9_2.x86_64.rpm SHA-256: 8e636f2356238bd75b11faf5b1d5d4764581099963c81a5c179f7afd41c13c63 LibRaw-debugsource-0.20.2-6.el9_2.i686.rpm SHA-256: dfe9be495dd5dee8c97d88a88e3bdec0be24bf3eddbc6b3fcf9ae55e703102b2 LibRaw-debugsource-0.20.2-6.el9_2.x86_64.rpm SHA-256: be8b80791061a9cc6e54cc5bebdf4f3d2d7c785a81db5bf5107f4fc421aed75c LibRaw-samples-debuginfo-0.20.2-6.el9_2.i686.rpm SHA-256: a971085a4b29a74f7bf838b22971e120301907413474a0afa62c9f8cc5ceb019 LibRaw-samples-debuginfo-0.20.2-6.el9_2.x86_64.rpm SHA-256: 2ff41bf43a37bd89fab5338f0f9e4b9eeff1c176a47142af7df35b767f343189 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.2 SRPM LibRaw-0.20.2-6.el9_2.src.rpm SHA-256: 87c5a4551e8cf8416cb8aee62bc6ddea68ce55b171f4ec6359a677f88ab7774d aarch64 LibRaw-0.20.2-6.el9_2.aarch64.rpm SHA-256: 789aa902d00cd8be163d1116114024db0bc080dc65e350004f8e085e6638634b LibRaw-debuginfo-0.20.2-6.el9_2.aarch64.rpm SHA-256: 0124eed362b8e597339951a32b7b1059676c7a7579a276a217a059f046e1edd4 LibRaw-debugsource-0.20.2-6.el9_2.aarch64.rpm SHA-256: 7003d68be2694aff5ee5eac88ea316efb0e01a5d02e312976f95489569e4b0e9 LibRaw-samples-debuginfo-0.20.2-6.el9_2.aarch64.rpm SHA-256: c2a0dcb29c2e1e58f7652136de739b65569327cde9a6296ffbca2474a1e49b7a Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.2 SRPM LibRaw-0.20.2-6.el9_2.src.rpm SHA-256: 87c5a4551e8cf8416cb8aee62bc6ddea68ce55b171f4ec6359a677f88ab7774d ppc64le LibRaw-0.20.2-6.el9_2.ppc64le.rpm SHA-256: ae703cfef14b938be955de202ba65fec866db4ffa2455de0ace5e72b04a06980 LibRaw-debuginfo-0.20.2-6.el9_2.ppc64le.rpm SHA-256: 36cc90bf1f749729ac6db3a8256b22f18410dfb6be6f20bcd928d9a3fb153f00 LibRaw-debugsource-0.20.2-6.el9_2.ppc64le.rpm SHA-256: 208fcdc41e264c484d0123c7b8eb3922d7d9002d4334469998fed3d2c52809b1 LibRaw-samples-debuginfo-0.20.2-6.el9_2.ppc64le.rpm SHA-256: fc7414ddeb397a5b4000cfa2684a0a82ebd025b6f88991f91f17ee2682495a11 Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.2 SRPM LibRaw-0.20.2-6.el9_2.src.rpm SHA-256: 87c5a4551e8cf8416cb8aee62bc6ddea68ce55b171f4ec6359a677f88ab7774d s390x LibRaw-0.20.2-6.el9_2.s390x.rpm SHA-256: 6212445dc40e521dc9ff2ff19c39a5be04e9066c8e82e12704b4c0176da9894d LibRaw-debuginfo-0.20.2-6.el9_2.s390x.rpm SHA-256: 82a3542c0fbe56a279e543caa0a5831a8cbcbdca934fbe284430e24f5bfd48fd LibRaw-debugsource-0.20.2-6.el9_2.s390x.rpm SHA-256: d2377baefc320e1ae004e823aefc70c154dcd29fabde2faea4e784616a0e155a LibRaw-samples-debuginfo-0.20.2-6.el9_2.s390x.rpm SHA-256: 5fc11ac27f22f0f6f49819b7b26c2537a8b464ec89527187c9c79e8beedc71fe The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .