Red Hat Product Errata RHSA-2026:14211 - Security Advisory Issued: 2026-05-06 Updated: 2026-05-06 RHSA-2026:14211 - Security Advisory Overview Updated Packages Synopsis Moderate: corosync security update Type/Severity Security Advisory: Moderate Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for corosync is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software. Security Fix(es): corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet (CVE-2026-35091) corosync: Corosync: Denial of Service via integer overflow in join message validation (CVE-2026-35092) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux High Availability for Power LE - Update Services for SAP Solutions 9.0 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64 Red Hat Enterprise Linux High Availability for x86_64 - Update Services for SAP Solutions 9.0 x86_64 Red Hat Enterprise Linux High Availability for ARM 64 - 4 years of updates 9.0 aarch64 Red Hat Enterprise Linux High Availability for IBM z Systems - 4 years of updates 9.0 s390x Red Hat Enterprise Linux Resilient Storage for x86_64 - 4 years of updates 9.0 x86_64 Red Hat Enterprise Linux Resilient Storage for Power, little endian - 4 years of updates 9.0 ppc64le Red Hat Enterprise Linux Resilient Storage for IBM z Systems - 4 years of updates 9.0 s390x Fixes BZ - 2453813 - CVE-2026-35091 corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet BZ - 2453814 - CVE-2026-35092 corosync: Corosync: Denial of Service via integer overflow in join message validation CVEs CVE-2026-35091 CVE-2026-35092 References https://access.redhat.com/security/updates/classification/#moderate Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux High Availability for Power LE - Update Services for SAP Solutions 9.0 SRPM ppc64le corosync-3.1.5-3.el9_0.1.ppc64le.rpm SHA-256: 4a70d4eeb4b30a2df0452082d17bca1e906d4d951022bb19522975108ffef174 corosync-debuginfo-3.1.5-3.el9_0.1.ppc64le.rpm SHA-256: a623d88d9da6227adb44923be02c0a34dfc8a25d30d6157fb02c2a58c257c627 corosync-debugsource-3.1.5-3.el9_0.1.ppc64le.rpm SHA-256: 9714c7ed50b1e9ff506761f5ffea6fc02be628ee70079258dfe1e37c63cd7e28 corosync-vqsim-debuginfo-3.1.5-3.el9_0.1.ppc64le.rpm SHA-256: 283fc6266ba9cd18bab4f8bf1a8d34950ffb5567272925887dde76f4e107273d corosynclib-3.1.5-3.el9_0.1.ppc64le.rpm SHA-256: 88723c5d8469774ab91ff3dfdb971a024b63151ee7f430e2a64af622efb7a066 corosynclib-debuginfo-3.1.5-3.el9_0.1.ppc64le.rpm SHA-256: ac26ffbabf14ad93807bd3df25b6c8def678a8a602fdfd0b16673a0f52535143 corosynclib-devel-3.1.5-3.el9_0.1.ppc64le.rpm SHA-256: e128afae32aeefd73c6d84a3978f81a228d3e3e538f681c84bd275cf7b428a29 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 SRPM corosync-3.1.5-3.el9_0.1.src.rpm SHA-256: 66435ea15811d02f960643d44ebcaf4091594f3cef1c2ea397af70242ccefafc x86_64 corosync-debuginfo-3.1.5-3.el9_0.1.i686.rpm SHA-256: 57bd26b20b9f0668eaea0464dd5acace6805571d4d82bd13aea4a63201f5584a corosync-debuginfo-3.1.5-3.el9_0.1.x86_64.rpm SHA-256: f9978651be4dcf753a495331a9ea5919ed168da5d55d7a4d0e47c1741f559f8e corosync-debugsource-3.1.5-3.el9_0.1.i686.rpm SHA-256: 23aa45e4264e516591cdf563c0a244beed0faeb6a56d3ae01741960c86123514 corosync-debugsource-3.1.5-3.el9_0.1.x86_64.rpm SHA-256: c61503a5bc6dce23d3d38c05e5e7c623e49eefeffe810e52ebcae77d3fead938 corosync-vqsim-debuginfo-3.1.5-3.el9_0.1.i686.rpm SHA-256: 7522e6625946bbe5ffcf324e8a91145c34789e88739f835106598e656eb2c05a corosync-vqsim-debuginfo-3.1.5-3.el9_0.1.x86_64.rpm SHA-256: 2ee2e0f66644672f39a7fbb9314002575ba05e71854acbd1c4e75673f2236bf3 corosynclib-3.1.5-3.el9_0.1.i686.rpm SHA-256: c70fc0def96da09e601dda3d26f319608c6f6efcae4dbe8ca0cf53617c72efbb corosynclib-3.1.5-3.el9_0.1.x86_64.rpm SHA-256: afdb99618ebcd0a911b93a971c9ead4416c188bbc1bb3683881bab992de5a9cc corosynclib-debuginfo-3.1.5-3.el9_0.1.i686.rpm SHA-256: 812e7f0f94b4efc3708143dc86b55aacc3db6459cf593e478e1b7be58a9e60d0 corosynclib-debuginfo-3.1.5-3.el9_0.1.x86_64.rpm SHA-256: 2423ed2e036578057b566891b99c8e2cd7ee54e4ab5d76019a32f9d63a943a67 Red Hat Enterprise Linux High Availability for x86_64 - Update Services for SAP Solutions 9.0 SRPM x86_64 corosync-3.1.5-3.el9_0.1.x86_64.rpm SHA-256: 382cbf32e0667f85013ce6ec2f7a910dfa742fb4910535f93a53717360c4137f corosync-debuginfo-3.1.5-3.el9_0.1.i686.rpm SHA-256: 57bd26b20b9f0668eaea0464dd5acace6805571d4d82bd13aea4a63201f5584a corosync-debuginfo-3.1.5-3.el9_0.1.x86_64.rpm SHA-256: f9978651be4dcf753a495331a9ea5919ed168da5d55d7a4d0e47c1741f559f8e corosync-debugsource-3.1.5-3.el9_0.1.i686.rpm SHA-256: 23aa45e4264e516591cdf563c0a244beed0faeb6a56d3ae01741960c86123514 corosync-debugsource-3.1.5-3.el9_0.1.x86_64.rpm SHA-256: c61503a5bc6dce23d3d38c05e5e7c623e49eefeffe810e52ebcae77d3fead938 corosync-vqsim-debuginfo-3.1.5-3.el9_0.1.i686.rpm SHA-256: 7522e6625946bbe5ffcf324e8a91145c34789e88739f835106598e656eb2c05a corosync-vqsim-debuginfo-3.1.5-3.el9_0.1.x86_64.rpm SHA-256: 2ee2e0f66644672f39a7fbb9314002575ba05e71854acbd1c4e75673f2236bf3 corosynclib-debuginfo-3.1.5-3.el9_0.1.i686.rpm SHA-256: 812e7f0f94b4efc3708143dc86b55aacc3db6459cf593e478e1b7be58a9e60d0 corosynclib-debuginfo-3.1.5-3.el9_0.1.x86_64.rpm SHA-256: 2423ed2e036578057b566891b99c8e2cd7ee54e4ab5d76019a32f9d63a943a67 corosynclib-devel-3.1.5-3.el9_0.1.i686.rpm SHA-256: 3ab3a41e0a4b5ba15635044d7d996c00ea3fcc706e3e23ca0d38bb890ad79275 corosynclib-devel-3.1.5-3.el9_0.1.x86_64.rpm SHA-256: 6eedebf2c8fbd0252698bb2cbcd6f1dcdfebf6a0874aa40b74469928bb88774c Red Hat Enterprise Linux High Availability for ARM 64 - 4 years of updates 9.0 SRPM aarch64 corosync-3.1.5-3.el9_0.1.aarch64.rpm SHA-256: 734632ea6a1abb614b4b2ffd4321b6d5ca5faaff3b89526f67aac720edb0d115 corosync-debuginfo-3.1.5-3.el9_0.1.aarch64.rpm SHA-256: 1f22d990974d949bf74598316a0807b252b382564daf22642e8b157047c6af54 corosync-debugsource-3.1.5-3.el9_0.1.aarch64.rpm SHA-256: bf249377fae83c5679053c055a297d732a42d05bbbc421b0832ef5631682abc5 corosync-vqsim-debuginfo-3.1.5-3.el9_0.1.aarch64.rpm SHA-256: 09080617e2ed48a5ac84895a650937a67c3ab0cd2a380ddbf1ac44f52f1d50ee corosynclib-3.1.5-3.el9_0.1.aarch64.rpm SHA-256: dd123c37ada1df3d471a44fbe57dedcfb85f523e83f47a84efb13686847299a4 corosynclib-debuginfo-3.1.5-3.el9_0.1.aarch64.rpm SHA-256: d637843391d15c83c4c62b909cdb0968fb082eb041f799c3c562d588b2291568 corosynclib-devel-3.1.5-3.el9_0.1.aarch64.rpm SHA-256: 1b72c2275379216569925b7963547807d74c5cc83c310612f509e4ed026111d3 Red Hat Enterprise Linux High Availability for IBM z Systems - 4 years of updates 9.0 SRPM s390x corosync-3.1.5-3.el9_0.1.s390x.rpm SHA-256: 77c2cea97942dc1ca12a294f8fcd09146dbc72db8b0922ea71682fdc202b242b corosync-debuginfo-3.1.5-3.el9_0.1.s390x.rpm SHA-256: 0d91a3701921d62a6ecaf6f5e8c973c7bfda35f3ebe703c15f56352dac239bea corosync-debugsource-3.1.5-3.el9_0.1.s390x.rpm SHA-256: fd24822cacdcbd8bd41e8e4a6be6613eb558baf0171e1300df784cfcc80368ab corosync-vqsim-debuginfo-3.1.5-3.el9_0.1.s390x.rpm SHA-256: a065369ee8147413ada920cd556e7c62abff825ea6a75ef5cff70f50f74ecf3e corosynclib-3.1.5-3.el9_0.1.s390x.rpm SHA-256: 83373577f5fd082132fadc19d6631cd79ebdd5502275b9a85d91f19923617376 corosynclib-debuginfo-3.1.5-3.el9_0.1.s390x.rpm SHA-256: e8b05d27f4eec3a18f78a9127d85c8d6d92f1c8aa5202568c0bfc0ae68d8b0a5 corosynclib-devel-3.1.5-3.el9_0.1.s390x.rpm SHA-256: 4a205fe2641e80169ad8c646fedf8724837851d684977ce499d299873b47c7c3 Red Hat Enterprise Linux Resilient Storage for x86_64 - 4 years of updates 9.0 SRPM x86_64 corosync-3.1.5-3.el9_0.1.x86_64.rpm SHA-256: 382cbf32e0667f85013ce6ec2f7a910dfa742fb4910535f93a53717360c4137f corosync-debuginfo-3.1.5-3.el9_0.1.i686.rpm SHA-256: 57bd26b20b9f0668eaea0464dd5acace6805571d4d82bd13aea4a63201f5584a corosync-debuginfo-3.1.5-3.el9_0.1.x86_64.rpm SHA-256: f9978651be4dcf753a495331a9ea5919ed168da5d55d7a4d0e47c1741f559f8e corosync-debugsource-3.1.5-3.el9_0.1.i686.rpm SHA-256: 23aa45e4264e516591cdf563c0a244beed0faeb6a56d3ae01741960c86123514 corosync-debugsource-3.1.5-3.el9_0.1.x86_64.rpm SHA-256: c61503a5bc6dce23d3d38c05e5e7c623e49eefeffe810e52ebcae77d3fead938 corosync-vqsim-debuginfo-3.1.5-3.el9_0.1.i686.rpm SHA-256: 7522e6625946bbe5ffcf324e8a91145c34789e88739f835106598e656eb2c05a corosync-vqsim-debuginfo-3.1.5-3.el9_0.1.x86_64.rpm SHA-256: 2ee2e0f66644672f39a7fbb9314002575ba05e71854acbd1c4e75673f2236bf3 corosynclib-debuginfo-3.1.5-3.el9_0.1.i686.rpm SHA-256: 812e7f0f94b4efc3708143dc86b55aacc3db6459cf593e478e1b7be58a9e60d0 corosynclib-debuginfo-3.1.5-3.el9_0.1.x86_64.rpm SHA-256: 2423ed2e036578057b566891b99c8e2cd7ee54e4ab5d76019a32f9d63a943a67 corosynclib-devel-3.1.5-3.el9_0.1.i686.rpm SHA-256: 3ab3a41e0a4b5ba15635044d7d996c00ea3fcc706e3e23ca0d38bb890ad79275 corosynclib-devel-3.1.5-3.el9_0.1.x86_64.rpm SHA-256: 6eedebf2c8fbd0252698bb2cbcd6f1dcdfebf6a0874aa40b74469928bb88774c Red Hat Enterprise Linux Resilient Storage for Power, little endian - 4 years of updates 9.0 SRPM ppc64le corosync-3.1.5-3.el9_0.1.ppc64le.rpm SHA-256: 4a70d4eeb4b30a2df0452082d17bca1e906d4d951022bb19522975108ffef174 corosync-debuginfo-3.1.5-3.el9_0.1.ppc64le.rpm SHA-256: a623d88d9da6227adb44923be02c0a3