Red Hat Product Errata RHSA-2026:14216 - Security Advisory Issued: 2026-05-06 Updated: 2026-05-06 RHSA-2026:14216 - Security Advisory Overview Updated Packages Synopsis Moderate: corosync security update Type/Severity Security Advisory: Moderate Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for corosync is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software. Security Fix(es): corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet (CVE-2026-35091) corosync: Corosync: Denial of Service via integer overflow in join message validation (CVE-2026-35092) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 x86_64 Red Hat Enterprise Linux Server - TUS 8.8 x86_64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le Red Hat Enterprise Linux High Availability for Power LE - Update Services for SAP Solutions 8.8 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64 Red Hat Enterprise Linux High Availability for x86_64 - Update Services for SAP Solutions 8.8 x86_64 Red Hat Enterprise Linux High Availability for x86_64 - Telecommunications Update Service 8.8 x86_64 Red Hat Enterprise Linux High Availability for x86_64 - Extended Update Support Extension 8.8 x86_64 Fixes BZ - 2453813 - CVE-2026-35091 corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet BZ - 2453814 - CVE-2026-35092 corosync: Corosync: Denial of Service via integer overflow in join message validation CVEs CVE-2026-35091 CVE-2026-35092 References https://access.redhat.com/security/updates/classification/#moderate Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 SRPM corosync-3.1.7-1.el8_8.1.src.rpm SHA-256: 546ef12fb7af5dc79a9e4067995bfb3f16b87e9144ad04bf20ca6b21e7fc6db2 x86_64 corosync-debuginfo-3.1.7-1.el8_8.1.i686.rpm SHA-256: acaafe60dbcf48aac97bbca1029f5f7163dad80bb7712d367fdceaf456d6f610 corosync-debuginfo-3.1.7-1.el8_8.1.x86_64.rpm SHA-256: 7fbd97bffc077bda45fc1f8502e331c5b3de1b1598c421af7f8cb2fcb86434d7 corosync-debugsource-3.1.7-1.el8_8.1.i686.rpm SHA-256: 25ea7f36a9e1376c7473979c1c47d0766b43f46db675deb20fd0fba4508a89ff corosync-debugsource-3.1.7-1.el8_8.1.x86_64.rpm SHA-256: 71cf9237b6ee91965bb43c3a323b76711b98e1c25cdde7cc288f18cdfd4145c6 corosync-vqsim-debuginfo-3.1.7-1.el8_8.1.i686.rpm SHA-256: 58d2662e7cf920841d9f461799317a500c626998dd3e00c7c2b987d247be1b69 corosync-vqsim-debuginfo-3.1.7-1.el8_8.1.x86_64.rpm SHA-256: 095a05d1fb52cad456dd64f033a889c786309ea4049ecaedac78a401891312d3 corosynclib-3.1.7-1.el8_8.1.i686.rpm SHA-256: d563c356bb597878d51f5a058a7173ba2ca264760b8041c625dd58be9fac606e corosynclib-3.1.7-1.el8_8.1.x86_64.rpm SHA-256: e442e708697c6f4b484702619364d0a4108c843e129ed806ee93ee4dae181e40 corosynclib-debuginfo-3.1.7-1.el8_8.1.i686.rpm SHA-256: 25494d67d603fda5986f6fed81a66fb271cf4c8c5b3b601db704f1b2f1138c4a corosynclib-debuginfo-3.1.7-1.el8_8.1.x86_64.rpm SHA-256: 88feb42ae1684089db8ab76f1eb2593d784412e1d049f3684ff4a9f14c6560ea spausedd-debuginfo-3.1.7-1.el8_8.1.i686.rpm SHA-256: f31dd611661e35d9a32da3ec2ea55a073d560370889fa989745a9e79696daf88 spausedd-debuginfo-3.1.7-1.el8_8.1.x86_64.rpm SHA-256: 9089a6c65f5fe9597b6f2e069cf1d7e51a88c59ed8bd83ba8a79f6254ac85229 Red Hat Enterprise Linux Server - TUS 8.8 SRPM corosync-3.1.7-1.el8_8.1.src.rpm SHA-256: 546ef12fb7af5dc79a9e4067995bfb3f16b87e9144ad04bf20ca6b21e7fc6db2 x86_64 corosync-debuginfo-3.1.7-1.el8_8.1.i686.rpm SHA-256: acaafe60dbcf48aac97bbca1029f5f7163dad80bb7712d367fdceaf456d6f610 corosync-debuginfo-3.1.7-1.el8_8.1.x86_64.rpm SHA-256: 7fbd97bffc077bda45fc1f8502e331c5b3de1b1598c421af7f8cb2fcb86434d7 corosync-debugsource-3.1.7-1.el8_8.1.i686.rpm SHA-256: 25ea7f36a9e1376c7473979c1c47d0766b43f46db675deb20fd0fba4508a89ff corosync-debugsource-3.1.7-1.el8_8.1.x86_64.rpm SHA-256: 71cf9237b6ee91965bb43c3a323b76711b98e1c25cdde7cc288f18cdfd4145c6 corosync-vqsim-debuginfo-3.1.7-1.el8_8.1.i686.rpm SHA-256: 58d2662e7cf920841d9f461799317a500c626998dd3e00c7c2b987d247be1b69 corosync-vqsim-debuginfo-3.1.7-1.el8_8.1.x86_64.rpm SHA-256: 095a05d1fb52cad456dd64f033a889c786309ea4049ecaedac78a401891312d3 corosynclib-3.1.7-1.el8_8.1.i686.rpm SHA-256: d563c356bb597878d51f5a058a7173ba2ca264760b8041c625dd58be9fac606e corosynclib-3.1.7-1.el8_8.1.x86_64.rpm SHA-256: e442e708697c6f4b484702619364d0a4108c843e129ed806ee93ee4dae181e40 corosynclib-debuginfo-3.1.7-1.el8_8.1.i686.rpm SHA-256: 25494d67d603fda5986f6fed81a66fb271cf4c8c5b3b601db704f1b2f1138c4a corosynclib-debuginfo-3.1.7-1.el8_8.1.x86_64.rpm SHA-256: 88feb42ae1684089db8ab76f1eb2593d784412e1d049f3684ff4a9f14c6560ea spausedd-debuginfo-3.1.7-1.el8_8.1.i686.rpm SHA-256: f31dd611661e35d9a32da3ec2ea55a073d560370889fa989745a9e79696daf88 spausedd-debuginfo-3.1.7-1.el8_8.1.x86_64.rpm SHA-256: 9089a6c65f5fe9597b6f2e069cf1d7e51a88c59ed8bd83ba8a79f6254ac85229 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 SRPM corosync-3.1.7-1.el8_8.1.src.rpm SHA-256: 546ef12fb7af5dc79a9e4067995bfb3f16b87e9144ad04bf20ca6b21e7fc6db2 ppc64le corosync-debuginfo-3.1.7-1.el8_8.1.ppc64le.rpm SHA-256: 359136d3c79f2ade933e888c72d21b54393ee05e7e5b8e6e598c8bc254f81045 corosync-debugsource-3.1.7-1.el8_8.1.ppc64le.rpm SHA-256: 4d15e3716fdbe2cf2cee347bcbf80814635f74cc368f9d2bbedc80c87b1c326e corosync-vqsim-debuginfo-3.1.7-1.el8_8.1.ppc64le.rpm SHA-256: 871a49de3151866ea52e6d49c76a91f725fc09ed8ecde0eb63c7a498dc64509c corosynclib-3.1.7-1.el8_8.1.ppc64le.rpm SHA-256: ec2b7030b4bd250e4014ed33f0d4055946f6bd7819958fd96b2365b810a933aa corosynclib-debuginfo-3.1.7-1.el8_8.1.ppc64le.rpm SHA-256: 6a3c6dd537ea99d62857856bcf70aa73c822ef0e034b3bcd25a110863924b69b spausedd-debuginfo-3.1.7-1.el8_8.1.ppc64le.rpm SHA-256: cc9a4fee956fc3f988ed4b346822362bc814325a5e1b3bc812b14742145202ca Red Hat Enterprise Linux High Availability for Power LE - Update Services for SAP Solutions 8.8 SRPM ppc64le corosync-3.1.7-1.el8_8.1.ppc64le.rpm SHA-256: 8147d4417d5ac3c0f3d64339d3155cc2ca198add060b5692d65a7603b24e45db corosync-debuginfo-3.1.7-1.el8_8.1.ppc64le.rpm SHA-256: 359136d3c79f2ade933e888c72d21b54393ee05e7e5b8e6e598c8bc254f81045 corosync-debugsource-3.1.7-1.el8_8.1.ppc64le.rpm SHA-256: 4d15e3716fdbe2cf2cee347bcbf80814635f74cc368f9d2bbedc80c87b1c326e corosync-vqsim-debuginfo-3.1.7-1.el8_8.1.ppc64le.rpm SHA-256: 871a49de3151866ea52e6d49c76a91f725fc09ed8ecde0eb63c7a498dc64509c corosynclib-debuginfo-3.1.7-1.el8_8.1.ppc64le.rpm SHA-256: 6a3c6dd537ea99d62857856bcf70aa73c822ef0e034b3bcd25a110863924b69b corosynclib-devel-3.1.7-1.el8_8.1.ppc64le.rpm SHA-256: 43542fb7a23a7aaac456ba14f70f11db7f1a54e92f8fed08dce06835ce8f8d5d spausedd-3.1.7-1.el8_8.1.ppc64le.rpm SHA-256: 16c388b7e060d675a71e659bd4b23eed37f2593e2f1724207d8a8058bf030a27 spausedd-debuginfo-3.1.7-1.el8_8.1.ppc64le.rpm SHA-256: cc9a4fee956fc3f988ed4b346822362bc814325a5e1b3bc812b14742145202ca Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 SRPM corosync-3.1.7-1.el8_8.1.src.rpm SHA-256: 546ef12fb7af5dc79a9e4067995bfb3f16b87e9144ad04bf20ca6b21e7fc6db2 x86_64 corosync-debuginfo-3.1.7-1.el8_8.1.i686.rpm SHA-256: acaafe60dbcf48aac97bbca1029f5f7163dad80bb7712d367fdceaf456d6f610 corosync-debuginfo-3.1.7-1.el8_8.1.x86_64.rpm SHA-256: 7fbd97bffc077bda45fc1f8502e331c5b3de1b1598c421af7f8cb2fcb86434d7 corosync-debugsource-3.1.7-1.el8_8.1.i686.rpm SHA-256: 25ea7f36a9e1376c7473979c1c47d0766b43f46db675deb20fd0fba4508a89ff corosync-debugsource-3.1.7-1.el8_8.1.x86_64.rpm SHA-256: 71cf9237b6ee91965bb43c3a323b76711b98e1c25cdde7cc288f18cdfd4145c6 corosync-vqsim-debuginfo-3.1.7-1.el8_8.1.i686.rpm SHA-256: 58d2662e7cf920841d9f461799317a500c626998dd3e00c7c2b987d247be1b69 corosync-vqsim-debuginfo-3.1.7-1.el8_8.1.x86_64.rpm SHA-256: 095a05d1fb52cad456dd64f033a889c786309ea4049ecaedac78a401891312d3 corosynclib-3.1.7-1.el8_8.1.i686.rpm SHA-256: d563c356bb597878d51f5a058a7173ba2ca264760b8041c625dd58be9fac606e corosynclib-3.1.7-1.el8_8.1.x86_64.rpm SHA-256: e442e708697c6f4b484702619364d0a4108c843e129ed806ee93ee4dae181e40 corosynclib-debuginfo-3.1.7-1.el8_8.1.i686.rpm SHA-256: 25494d67d603fda5986f6fed81a66fb271cf4c8c5b3b601db704f1b2f1138c4a corosynclib-debuginfo-3.1.7-1.el8_8.1.x86_64.rpm SHA-256: 88feb42ae1684089db8ab76f1eb2593d784412e1d049f3684ff4a9f14c6560ea spausedd-debuginfo-3.1.7-1.el8_8.1.i686.rpm SHA-256: f31dd611661e35d9a32da3ec2ea55a073d560370889fa989745a9e79696daf88 spausedd-debuginfo-3.1.7-1.el8_8.1.x86_64.rpm SHA-256: 9089a6c65f5fe9597b6f2e069cf1d7e51a88c59ed8bd83ba8a79f6254ac85229 Red Hat Enterprise Linux High Availability for x86_64 - Update Services for SAP Solutions 8.8 SRPM x86_64 corosync-3.1.7-1.el8_8.1.x86_64.rpm SHA-256: 173d8a05d6464e4f942e062356a97694c9972cb0888b64805819916034c62f39 corosync-debuginfo-3.1.7-1.el8_8.1.i686.rpm SHA-256: acaafe60dbcf48aac97bbca1029f5f7163dad80bb7712d367fdceaf456d6f610 corosync-debuginfo-3.1.7-1.el8_8.1.x86_64.rpm SHA-256: 7fbd97bffc077bda45fc1f8502e331c5b3de1b1598c421af7f8c