Red Hat Product Errata RHSA-2026:14215 - Security Advisory Issued: 2026-05-06 Updated: 2026-05-06 RHSA-2026:14215 - Security Advisory Overview Updated Packages Synopsis Moderate: corosync security update Type/Severity Security Advisory: Moderate Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for corosync is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software. Security Fix(es): corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet (CVE-2026-35091) corosync: Corosync: Denial of Service via integer overflow in join message validation (CVE-2026-35092) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4 x86_64 Red Hat Enterprise Linux Server - AUS 8.4 x86_64 Red Hat Enterprise Linux High Availability for x86_64 - Advanced Update Support 8.4 x86_64 Red Hat Enterprise Linux High Availability for x86_64 - Extended Update Support Extension 8.4 x86_64 Fixes BZ - 2453813 - CVE-2026-35091 corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet BZ - 2453814 - CVE-2026-35092 corosync: Corosync: Denial of Service via integer overflow in join message validation CVEs CVE-2026-35091 CVE-2026-35092 References https://access.redhat.com/security/updates/classification/#moderate Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4 SRPM corosync-3.1.0-3.el8_4.2.src.rpm SHA-256: 3a61c42739c30c15db0aeca1eae64db102985f962b7dac1a9be2958452398874 x86_64 corosync-debuginfo-3.1.0-3.el8_4.2.i686.rpm SHA-256: a2468a2ec27da99e3c95a722bb3b5e955d0d5427bf4761a5763fd5beb6bf9d69 corosync-debuginfo-3.1.0-3.el8_4.2.x86_64.rpm SHA-256: 83306c297c3d738fca1de19d3eb1832e6baacb0f37a4c83355437e342c4ff52f corosync-debugsource-3.1.0-3.el8_4.2.i686.rpm SHA-256: bcbb2772e6169c3feccbbfc4a7ef8568290b5c486024312079009d0394a2a97e corosync-debugsource-3.1.0-3.el8_4.2.x86_64.rpm SHA-256: f7d4d1815b97e79dfe0f7445c4b0577531680e7bf3c4c91b0fb8dd31c6a3c3d8 corosync-vqsim-debuginfo-3.1.0-3.el8_4.2.i686.rpm SHA-256: 526cde47fe441df6c4ec937066051c6e4fb9e0fee65e82644b7b361e515a8a93 corosync-vqsim-debuginfo-3.1.0-3.el8_4.2.x86_64.rpm SHA-256: 2c314e24a840c6da77405444ea9e7fd52b2af46fb6a38f2dce59fab459c5dab8 corosynclib-3.1.0-3.el8_4.2.i686.rpm SHA-256: b825ae5465d60bd7affdfac69452139c2dd1b37bba059f1aa84b940ddffb7840 corosynclib-3.1.0-3.el8_4.2.x86_64.rpm SHA-256: fa90103f96748c83aecda6a04304df3f49a6f5a093f6a0ff10ec012510a5dfb9 corosynclib-debuginfo-3.1.0-3.el8_4.2.i686.rpm SHA-256: 830cd248c1e0bf352345b053cc6dcfbe531d8b0401ae5543208e60081ced0d41 corosynclib-debuginfo-3.1.0-3.el8_4.2.x86_64.rpm SHA-256: 641f3e380683302a85ed044ff66b6d7b221eef2825897c5db7902262e97d38d5 spausedd-debuginfo-3.1.0-3.el8_4.2.i686.rpm SHA-256: fbd933d1ab0caa0b1de217a5818343f49c4f5e673a8a64557863d283d64b0b9d spausedd-debuginfo-3.1.0-3.el8_4.2.x86_64.rpm SHA-256: f7637a26ee5e042993a31ce9037bcf606f3ceffd092a54ac4dca23f58b634f85 Red Hat Enterprise Linux Server - AUS 8.4 SRPM corosync-3.1.0-3.el8_4.2.src.rpm SHA-256: 3a61c42739c30c15db0aeca1eae64db102985f962b7dac1a9be2958452398874 x86_64 corosync-debuginfo-3.1.0-3.el8_4.2.i686.rpm SHA-256: a2468a2ec27da99e3c95a722bb3b5e955d0d5427bf4761a5763fd5beb6bf9d69 corosync-debuginfo-3.1.0-3.el8_4.2.x86_64.rpm SHA-256: 83306c297c3d738fca1de19d3eb1832e6baacb0f37a4c83355437e342c4ff52f corosync-debugsource-3.1.0-3.el8_4.2.i686.rpm SHA-256: bcbb2772e6169c3feccbbfc4a7ef8568290b5c486024312079009d0394a2a97e corosync-debugsource-3.1.0-3.el8_4.2.x86_64.rpm SHA-256: f7d4d1815b97e79dfe0f7445c4b0577531680e7bf3c4c91b0fb8dd31c6a3c3d8 corosync-vqsim-debuginfo-3.1.0-3.el8_4.2.i686.rpm SHA-256: 526cde47fe441df6c4ec937066051c6e4fb9e0fee65e82644b7b361e515a8a93 corosync-vqsim-debuginfo-3.1.0-3.el8_4.2.x86_64.rpm SHA-256: 2c314e24a840c6da77405444ea9e7fd52b2af46fb6a38f2dce59fab459c5dab8 corosynclib-3.1.0-3.el8_4.2.i686.rpm SHA-256: b825ae5465d60bd7affdfac69452139c2dd1b37bba059f1aa84b940ddffb7840 corosynclib-3.1.0-3.el8_4.2.x86_64.rpm SHA-256: fa90103f96748c83aecda6a04304df3f49a6f5a093f6a0ff10ec012510a5dfb9 corosynclib-debuginfo-3.1.0-3.el8_4.2.i686.rpm SHA-256: 830cd248c1e0bf352345b053cc6dcfbe531d8b0401ae5543208e60081ced0d41 corosynclib-debuginfo-3.1.0-3.el8_4.2.x86_64.rpm SHA-256: 641f3e380683302a85ed044ff66b6d7b221eef2825897c5db7902262e97d38d5 spausedd-debuginfo-3.1.0-3.el8_4.2.i686.rpm SHA-256: fbd933d1ab0caa0b1de217a5818343f49c4f5e673a8a64557863d283d64b0b9d spausedd-debuginfo-3.1.0-3.el8_4.2.x86_64.rpm SHA-256: f7637a26ee5e042993a31ce9037bcf606f3ceffd092a54ac4dca23f58b634f85 Red Hat Enterprise Linux High Availability for x86_64 - Advanced Update Support 8.4 SRPM x86_64 corosync-3.1.0-3.el8_4.2.x86_64.rpm SHA-256: 65665c5265987bcb02dcd0626733ec05d5cc28ef70602d109b299d8e0434e3d3 corosync-debuginfo-3.1.0-3.el8_4.2.i686.rpm SHA-256: a2468a2ec27da99e3c95a722bb3b5e955d0d5427bf4761a5763fd5beb6bf9d69 corosync-debuginfo-3.1.0-3.el8_4.2.x86_64.rpm SHA-256: 83306c297c3d738fca1de19d3eb1832e6baacb0f37a4c83355437e342c4ff52f corosync-debugsource-3.1.0-3.el8_4.2.i686.rpm SHA-256: bcbb2772e6169c3feccbbfc4a7ef8568290b5c486024312079009d0394a2a97e corosync-debugsource-3.1.0-3.el8_4.2.x86_64.rpm SHA-256: f7d4d1815b97e79dfe0f7445c4b0577531680e7bf3c4c91b0fb8dd31c6a3c3d8 corosync-vqsim-debuginfo-3.1.0-3.el8_4.2.i686.rpm SHA-256: 526cde47fe441df6c4ec937066051c6e4fb9e0fee65e82644b7b361e515a8a93 corosync-vqsim-debuginfo-3.1.0-3.el8_4.2.x86_64.rpm SHA-256: 2c314e24a840c6da77405444ea9e7fd52b2af46fb6a38f2dce59fab459c5dab8 corosynclib-debuginfo-3.1.0-3.el8_4.2.i686.rpm SHA-256: 830cd248c1e0bf352345b053cc6dcfbe531d8b0401ae5543208e60081ced0d41 corosynclib-debuginfo-3.1.0-3.el8_4.2.x86_64.rpm SHA-256: 641f3e380683302a85ed044ff66b6d7b221eef2825897c5db7902262e97d38d5 corosynclib-devel-3.1.0-3.el8_4.2.i686.rpm SHA-256: c635055e9c6bc8469f778ec454c767dcb032d9306d157f6b85266a07ad070e35 corosynclib-devel-3.1.0-3.el8_4.2.x86_64.rpm SHA-256: 9659f7284b4acd24220896e1b31843c0aaac9e019eb98c7d057993157ab61a45 spausedd-3.1.0-3.el8_4.2.x86_64.rpm SHA-256: ad522190e43b604c5c289d479f0db0fb4c9fdddd73b88fc4336d5e8bb6aab7d3 spausedd-debuginfo-3.1.0-3.el8_4.2.i686.rpm SHA-256: fbd933d1ab0caa0b1de217a5818343f49c4f5e673a8a64557863d283d64b0b9d spausedd-debuginfo-3.1.0-3.el8_4.2.x86_64.rpm SHA-256: f7637a26ee5e042993a31ce9037bcf606f3ceffd092a54ac4dca23f58b634f85 Red Hat Enterprise Linux High Availability for x86_64 - Extended Update Support Extension 8.4 SRPM x86_64 corosync-3.1.0-3.el8_4.2.x86_64.rpm SHA-256: 65665c5265987bcb02dcd0626733ec05d5cc28ef70602d109b299d8e0434e3d3 corosync-debuginfo-3.1.0-3.el8_4.2.i686.rpm SHA-256: a2468a2ec27da99e3c95a722bb3b5e955d0d5427bf4761a5763fd5beb6bf9d69 corosync-debuginfo-3.1.0-3.el8_4.2.x86_64.rpm SHA-256: 83306c297c3d738fca1de19d3eb1832e6baacb0f37a4c83355437e342c4ff52f corosync-debugsource-3.1.0-3.el8_4.2.i686.rpm SHA-256: bcbb2772e6169c3feccbbfc4a7ef8568290b5c486024312079009d0394a2a97e corosync-debugsource-3.1.0-3.el8_4.2.x86_64.rpm SHA-256: f7d4d1815b97e79dfe0f7445c4b0577531680e7bf3c4c91b0fb8dd31c6a3c3d8 corosync-vqsim-debuginfo-3.1.0-3.el8_4.2.i686.rpm SHA-256: 526cde47fe441df6c4ec937066051c6e4fb9e0fee65e82644b7b361e515a8a93 corosync-vqsim-debuginfo-3.1.0-3.el8_4.2.x86_64.rpm SHA-256: 2c314e24a840c6da77405444ea9e7fd52b2af46fb6a38f2dce59fab459c5dab8 corosynclib-debuginfo-3.1.0-3.el8_4.2.i686.rpm SHA-256: 830cd248c1e0bf352345b053cc6dcfbe531d8b0401ae5543208e60081ced0d41 corosynclib-debuginfo-3.1.0-3.el8_4.2.x86_64.rpm SHA-256: 641f3e380683302a85ed044ff66b6d7b221eef2825897c5db7902262e97d38d5 corosynclib-devel-3.1.0-3.el8_4.2.i686.rpm SHA-256: c635055e9c6bc8469f778ec454c767dcb032d9306d157f6b85266a07ad070e35 corosynclib-devel-3.1.0-3.el8_4.2.x86_64.rpm SHA-256: 9659f7284b4acd24220896e1b31843c0aaac9e019eb98c7d057993157ab61a45 spausedd-3.1.0-3.el8_4.2.x86_64.rpm SHA-256: ad522190e43b604c5c289d479f0db0fb4c9fdddd73b88fc4336d5e8bb6aab7d3 spausedd-debuginfo-3.1.0-3.el8_4.2.i686.rpm SHA-256: fbd933d1ab0caa0b1de217a5818343f49c4f5e673a8a64557863d283d64b0b9d spausedd-debuginfo-3.1.0-3.el8_4.2.x86_64.rpm SHA-256: f7637a26ee5e042993a31ce9037bcf606f3ceffd092a54ac4dca23f58b634f85 The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .