Red Hat Product Errata RHSA-2026:14210 - Security Advisory Issued: 2026-05-06 Updated: 2026-05-06 RHSA-2026:14210 - Security Advisory Overview Updated Packages Synopsis Moderate: corosync security update Type/Severity Security Advisory: Moderate Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for corosync is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software. Security Fix(es): corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet (CVE-2026-35091) corosync: Corosync: Denial of Service via integer overflow in join message validation (CVE-2026-35092) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux Server - AUS 9.2 x86_64 Red Hat Enterprise Linux High Availability for Power LE - Update Services for SAP Solutions 9.2 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64 Red Hat Enterprise Linux High Availability for x86_64 - Update Services for SAP Solutions 9.2 x86_64 Red Hat Enterprise Linux High Availability for ARM 64 - 4 years of updates 9.2 aarch64 Red Hat Enterprise Linux High Availability for IBM z Systems - 4 years of updates 9.2 s390x Red Hat Enterprise Linux Resilient Storage for x86_64 - 4 years of updates 9.2 x86_64 Red Hat Enterprise Linux Resilient Storage for Power, little endian - 4 years of updates 9.2 ppc64le Red Hat Enterprise Linux Resilient Storage for IBM z Systems - 4 years of updates 9.2 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.2 x86_64 Red Hat Enterprise Linux High Availability for x86_64 - Advanced Update Support 9.2 x86_64 Red Hat Enterprise Linux High Availability for ARM 64 - Extended Life Cycle 9.2 aarch64 Red Hat Enterprise Linux High Availability for Power, little endian - Extended Life Cycle 9.2 ppc64le Red Hat Enterprise Linux High Availability for IBM z Systems - Extended Life Cycle 9.2 s390x Red Hat Enterprise Linux High Availability for x86_64 - Extended Life Cycle 9.2 x86_64 Red Hat Enterprise Linux Resilient Storage for Power, little endian - Extended Life Cycle 9.2 ppc64le Red Hat Enterprise Linux Resilient Storage for IBM z Systems - Extended Life Cycle 9.2 s390x Red Hat Enterprise Linux Resilient Storage for x86_64 - Extended Life Cycle 9.2 x86_64 Fixes BZ - 2453813 - CVE-2026-35091 corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet BZ - 2453814 - CVE-2026-35092 corosync: Corosync: Denial of Service via integer overflow in join message validation CVEs CVE-2026-35091 CVE-2026-35092 References https://access.redhat.com/security/updates/classification/#moderate Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Server - AUS 9.2 SRPM corosync-3.1.7-1.el9_2.1.src.rpm SHA-256: e4136f9b1dc664e80b23927a927ef19ee1bd1432d1b764802a1d79faa6fef071 x86_64 corosync-debuginfo-3.1.7-1.el9_2.1.i686.rpm SHA-256: 3aa048959973d9069f6a7d429504be6534244b5d9b962012e0db4b59851e0d10 corosync-debuginfo-3.1.7-1.el9_2.1.x86_64.rpm SHA-256: c760c1edf8e74af7d8a1bfac32174e5697377c50079430f532ceceb9b5238a42 corosync-debugsource-3.1.7-1.el9_2.1.i686.rpm SHA-256: fd8be4f6f9c1df047ab7dd6a9fd478cab7846d523df2e70c3f63fb69ad0f5064 corosync-debugsource-3.1.7-1.el9_2.1.x86_64.rpm SHA-256: 400fc3b62e949f74b42e59bb7e86b147be8eec05d458309843ad6a7f74b99dde corosync-vqsim-debuginfo-3.1.7-1.el9_2.1.i686.rpm SHA-256: d9644b231802d6016add5d2a687baca0dcdcc6c67728a722250460f8b0248f79 corosync-vqsim-debuginfo-3.1.7-1.el9_2.1.x86_64.rpm SHA-256: 1ce19388d26c31aaddbfdc1162c826ffbe18eb2027eda023bb2b1bebdba6d58b corosynclib-3.1.7-1.el9_2.1.i686.rpm SHA-256: a0a2ceafd0df62a19e9278627c02680203d36ee27737b3d57d3a0554b1eec847 corosynclib-3.1.7-1.el9_2.1.x86_64.rpm SHA-256: 04c216cdf8afc8e568e4b014dbd5139aab2a80db801b8b11ad02d13b3f1bac3f corosynclib-debuginfo-3.1.7-1.el9_2.1.i686.rpm SHA-256: 26834b0666e25610fdeda86d108e1f25d7f5c0d08b74dbf2a24bf7649dcc2f0d corosynclib-debuginfo-3.1.7-1.el9_2.1.x86_64.rpm SHA-256: d2b45fb0d845f588383b4c39d3b00bdae3b24ddb619f071393b0e7481e3a1207 Red Hat Enterprise Linux High Availability for Power LE - Update Services for SAP Solutions 9.2 SRPM ppc64le corosync-3.1.7-1.el9_2.1.ppc64le.rpm SHA-256: 380c2058abe7759250dbae7ac814ef0805c3ed72dfb0e13322eab2a849657ebc corosync-debuginfo-3.1.7-1.el9_2.1.ppc64le.rpm SHA-256: 64e032848c6e0b8a1009a813ce7c2c59ec0d2dcab06af27e952ed5a0632e6820 corosync-debugsource-3.1.7-1.el9_2.1.ppc64le.rpm SHA-256: 2042e53d98c6cba0f6fc9e4563e3efdddc42dd30d29f72843f545c7198b20f3d corosync-vqsim-debuginfo-3.1.7-1.el9_2.1.ppc64le.rpm SHA-256: f4df32c05451d13f7ceb00feaf67c8a9e1db5682ad322184a481c557cc9dd310 corosynclib-3.1.7-1.el9_2.1.ppc64le.rpm SHA-256: 897350ec0ddc89f0514b4cbd5987cda3d4509400e88c51de730d3c14b256afa5 corosynclib-debuginfo-3.1.7-1.el9_2.1.ppc64le.rpm SHA-256: 2b60508bcf52b5eda44d468b646c0106bc2ba735532714d4822aeb9a8379c5d9 corosynclib-devel-3.1.7-1.el9_2.1.ppc64le.rpm SHA-256: 68f482c34af443688ec2a8374de1ae8dcea5bd492681be71aae11311ca9c4854 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 SRPM corosync-3.1.7-1.el9_2.1.src.rpm SHA-256: e4136f9b1dc664e80b23927a927ef19ee1bd1432d1b764802a1d79faa6fef071 x86_64 corosync-debuginfo-3.1.7-1.el9_2.1.i686.rpm SHA-256: 3aa048959973d9069f6a7d429504be6534244b5d9b962012e0db4b59851e0d10 corosync-debuginfo-3.1.7-1.el9_2.1.x86_64.rpm SHA-256: c760c1edf8e74af7d8a1bfac32174e5697377c50079430f532ceceb9b5238a42 corosync-debugsource-3.1.7-1.el9_2.1.i686.rpm SHA-256: fd8be4f6f9c1df047ab7dd6a9fd478cab7846d523df2e70c3f63fb69ad0f5064 corosync-debugsource-3.1.7-1.el9_2.1.x86_64.rpm SHA-256: 400fc3b62e949f74b42e59bb7e86b147be8eec05d458309843ad6a7f74b99dde corosync-vqsim-debuginfo-3.1.7-1.el9_2.1.i686.rpm SHA-256: d9644b231802d6016add5d2a687baca0dcdcc6c67728a722250460f8b0248f79 corosync-vqsim-debuginfo-3.1.7-1.el9_2.1.x86_64.rpm SHA-256: 1ce19388d26c31aaddbfdc1162c826ffbe18eb2027eda023bb2b1bebdba6d58b corosynclib-3.1.7-1.el9_2.1.i686.rpm SHA-256: a0a2ceafd0df62a19e9278627c02680203d36ee27737b3d57d3a0554b1eec847 corosynclib-3.1.7-1.el9_2.1.x86_64.rpm SHA-256: 04c216cdf8afc8e568e4b014dbd5139aab2a80db801b8b11ad02d13b3f1bac3f corosynclib-debuginfo-3.1.7-1.el9_2.1.i686.rpm SHA-256: 26834b0666e25610fdeda86d108e1f25d7f5c0d08b74dbf2a24bf7649dcc2f0d corosynclib-debuginfo-3.1.7-1.el9_2.1.x86_64.rpm SHA-256: d2b45fb0d845f588383b4c39d3b00bdae3b24ddb619f071393b0e7481e3a1207 Red Hat Enterprise Linux High Availability for x86_64 - Update Services for SAP Solutions 9.2 SRPM x86_64 corosync-3.1.7-1.el9_2.1.x86_64.rpm SHA-256: 108aa994dbc16057e7d228a3e312d69b696b50b59264a1680099a3ec31c21577 corosync-debuginfo-3.1.7-1.el9_2.1.i686.rpm SHA-256: 3aa048959973d9069f6a7d429504be6534244b5d9b962012e0db4b59851e0d10 corosync-debuginfo-3.1.7-1.el9_2.1.x86_64.rpm SHA-256: c760c1edf8e74af7d8a1bfac32174e5697377c50079430f532ceceb9b5238a42 corosync-debugsource-3.1.7-1.el9_2.1.i686.rpm SHA-256: fd8be4f6f9c1df047ab7dd6a9fd478cab7846d523df2e70c3f63fb69ad0f5064 corosync-debugsource-3.1.7-1.el9_2.1.x86_64.rpm SHA-256: 400fc3b62e949f74b42e59bb7e86b147be8eec05d458309843ad6a7f74b99dde corosync-vqsim-debuginfo-3.1.7-1.el9_2.1.i686.rpm SHA-256: d9644b231802d6016add5d2a687baca0dcdcc6c67728a722250460f8b0248f79 corosync-vqsim-debuginfo-3.1.7-1.el9_2.1.x86_64.rpm SHA-256: 1ce19388d26c31aaddbfdc1162c826ffbe18eb2027eda023bb2b1bebdba6d58b corosynclib-debuginfo-3.1.7-1.el9_2.1.i686.rpm SHA-256: 26834b0666e25610fdeda86d108e1f25d7f5c0d08b74dbf2a24bf7649dcc2f0d corosynclib-debuginfo-3.1.7-1.el9_2.1.x86_64.rpm SHA-256: d2b45fb0d845f588383b4c39d3b00bdae3b24ddb619f071393b0e7481e3a1207 corosynclib-devel-3.1.7-1.el9_2.1.i686.rpm SHA-256: 11998ae347dea64fab7c22d5c734c2d52ada38a93ab01a4a899a82f485998d50 corosynclib-devel-3.1.7-1.el9_2.1.x86_64.rpm SHA-256: a935ffcfc11559a83bde2f06a6e44c088cf387b099f6e219b5880cb23e56e269 Red Hat Enterprise Linux High Availability for ARM 64 - 4 years of updates 9.2 SRPM aarch64 corosync-3.1.7-1.el9_2.1.aarch64.rpm SHA-256: 5e75a55fb0b40ff76aa57c742e0322efffbe6e443af311c60b4f2646ab2b700c corosync-debuginfo-3.1.7-1.el9_2.1.aarch64.rpm SHA-256: ea20344a3c48d07d1557437f68495775167190f3f546d883d6ec81879130ca79 corosync-debugsource-3.1.7-1.el9_2.1.aarch64.rpm SHA-256: 1d8d3816c7147169047ab78d4d33fb01801121d61a38ca909e95b87f50d1cb94 corosync-vqsim-debuginfo-3.1.7-1.el9_2.1.aarch64.rpm SHA-256: 674a16d042e5ce15f5841baf473b3ffeda985625046342bd40c35db09504fc84 corosynclib-3.1.7-1.el9_2.1.aarch64.rpm SHA-256: 7709bee038460eeea2c599aa512ed11968d6c1546f7a08c6c591b2bbd6d3e1fe corosynclib-debuginfo-3.1.7-1.el9_2.1.aarch64.rpm SHA-256: 96ac4d823d89aad240c04d7567b16b1e62af37e61f28048ff28fcce9b81932c2 corosynclib-devel-3.1.7-1.el9_2.1.aarch64.rpm SHA-256: 9b6da0614e782b0b7d5d23c8ca41376248e9561b4b945d8037e23576561ed1cd Red Hat Enterprise Linux High Availability for IBM z Systems - 4 years of updates 9.2 SRPM s390x corosync-3.1.7-1.el9_2.1.s390x.rpm SHA-256: 0debda9da9a76ddda39350034205837ba6b839a22b8b2ed3fbb8fa998cb97949 corosync-debuginfo-3.1.7-1.el9_2.1.s390x.rpm SHA-256: b6dff1f56f0fbbde5934d7baa69df95845efcc950baa782dc9881de4ff419b2f corosync-debugsource-3.1.7-1.el9_2.1.s390x.rpm SHA-256: 1aca919e1e647c16bd2675a5d2ef9f1a98812