Security News

Cybersecurity news aggregator

🔄
INFO Updates Red Hat Errata

RHSA-2026:15980: Important: rhc security update

cve-2026-32282red-hatcve-2026-32283cve-2026-32280
  • What: Security update for rhc in Red Hat Enterprise Linux 8
  • Impact: Systems using rhc may be vulnerable to symlink-based privilege escalation
Read Full Article →

Red Hat Product Errata RHSA-2026:15980 - Security Advisory Issued: 2026-05-11 Updated: 2026-05-11 RHSA-2026:15980 - Security Advisory Overview Updated Packages Synopsis Important: rhc security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for rhc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description rhc is a client tool and daemon that connects the system to Red Hat hosted services enabling system and subscription management. Security Fix(es): golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282) crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283) crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 8 x86_64 Red Hat Enterprise Linux for IBM z Systems 8 s390x Red Hat Enterprise Linux for Power, little endian 8 ppc64le Red Hat Enterprise Linux for ARM 64 8 aarch64 Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 8.10 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 8.10 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 8.10 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 8.10 s390x Fixes BZ - 2456336 - CVE-2026-32282 golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root BZ - 2456338 - CVE-2026-32283 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages BZ - 2456339 - CVE-2026-32280 crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building CVEs CVE-2026-32280 CVE-2026-32282 CVE-2026-32283 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 8 SRPM rhc-0.2.5-7.el8_10.src.rpm SHA-256: c352a2f468b37d1d1477668a2199acd71949bdaf0ffe7fdb9ad1a8804c8509a0 x86_64 rhc-0.2.5-7.el8_10.x86_64.rpm SHA-256: f105b3dbf45146832abb72bae01e4ba1eb1fec3a300b9b4ab7dda8fdec3ced23 rhc-debuginfo-0.2.5-7.el8_10.x86_64.rpm SHA-256: 0e2a2e461e7aa840d36ede15508a3dad860e8b4e2218924e3ac923494a7e1a3f rhc-debugsource-0.2.5-7.el8_10.x86_64.rpm SHA-256: e168fee8f20c6ead7e54ac63593bdea2a86aeb77d19d6a6d2556a5c0142cfdd9 Red Hat Enterprise Linux for IBM z Systems 8 SRPM rhc-0.2.5-7.el8_10.src.rpm SHA-256: c352a2f468b37d1d1477668a2199acd71949bdaf0ffe7fdb9ad1a8804c8509a0 s390x rhc-0.2.5-7.el8_10.s390x.rpm SHA-256: 3e3a5462ea747ebe76d1fd8b6b2d4063e13ed6e12da61ff6bfce3c3507b9f559 rhc-debuginfo-0.2.5-7.el8_10.s390x.rpm SHA-256: 94b8351e69495e773e78fe1e6ab3d0776c77cd3a04368ab9bd284d208ff5904b rhc-debugsource-0.2.5-7.el8_10.s390x.rpm SHA-256: 00dd4646c1a040ad06ca9a567827b00fb93a6d16d046d789e3bb0e794aa1aa9a Red Hat Enterprise Linux for Power, little endian 8 SRPM rhc-0.2.5-7.el8_10.src.rpm SHA-256: c352a2f468b37d1d1477668a2199acd71949bdaf0ffe7fdb9ad1a8804c8509a0 ppc64le rhc-0.2.5-7.el8_10.ppc64le.rpm SHA-256: fb1164ad0667afb802b23c0cf5a2f71e80e0031e9975d6e6dd33202002de6ec2 rhc-debuginfo-0.2.5-7.el8_10.ppc64le.rpm SHA-256: bf5c6a7afcc69232bff4261daaceec75667959c2e873f23af30a6cdd9b08b8f1 rhc-debugsource-0.2.5-7.el8_10.ppc64le.rpm SHA-256: 93874709afe56de11974e97b8eb8626ba0ea4456adf8da88a8fec3aa6f39a6a2 Red Hat Enterprise Linux for ARM 64 8 SRPM rhc-0.2.5-7.el8_10.src.rpm SHA-256: c352a2f468b37d1d1477668a2199acd71949bdaf0ffe7fdb9ad1a8804c8509a0 aarch64 rhc-0.2.5-7.el8_10.aarch64.rpm SHA-256: 03cdde2c32f6b759f2a26841c3b6f743bc2c9cfe51ee082e0943376caa2c5dbf rhc-debuginfo-0.2.5-7.el8_10.aarch64.rpm SHA-256: 71d24e9d72b846b6b10c42893ccb00c48a2a1495b49bca0c08cfe9f1043de398 rhc-debugsource-0.2.5-7.el8_10.aarch64.rpm SHA-256: 2b4b9bc5384202da08b8ab3d27bdccb5392f189f031d9c20465a9ce48bb4f342 Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 8.10 SRPM rhc-0.2.5-7.el8_10.src.rpm SHA-256: c352a2f468b37d1d1477668a2199acd71949bdaf0ffe7fdb9ad1a8804c8509a0 x86_64 rhc-0.2.5-7.el8_10.x86_64.rpm SHA-256: f105b3dbf45146832abb72bae01e4ba1eb1fec3a300b9b4ab7dda8fdec3ced23 rhc-debuginfo-0.2.5-7.el8_10.x86_64.rpm SHA-256: 0e2a2e461e7aa840d36ede15508a3dad860e8b4e2218924e3ac923494a7e1a3f rhc-debugsource-0.2.5-7.el8_10.x86_64.rpm SHA-256: e168fee8f20c6ead7e54ac63593bdea2a86aeb77d19d6a6d2556a5c0142cfdd9 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 8.10 SRPM rhc-0.2.5-7.el8_10.src.rpm SHA-256: c352a2f468b37d1d1477668a2199acd71949bdaf0ffe7fdb9ad1a8804c8509a0 aarch64 rhc-0.2.5-7.el8_10.aarch64.rpm SHA-256: 03cdde2c32f6b759f2a26841c3b6f743bc2c9cfe51ee082e0943376caa2c5dbf rhc-debuginfo-0.2.5-7.el8_10.aarch64.rpm SHA-256: 71d24e9d72b846b6b10c42893ccb00c48a2a1495b49bca0c08cfe9f1043de398 rhc-debugsource-0.2.5-7.el8_10.aarch64.rpm SHA-256: 2b4b9bc5384202da08b8ab3d27bdccb5392f189f031d9c20465a9ce48bb4f342 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 8.10 SRPM rhc-0.2.5-7.el8_10.src.rpm SHA-256: c352a2f468b37d1d1477668a2199acd71949bdaf0ffe7fdb9ad1a8804c8509a0 ppc64le rhc-0.2.5-7.el8_10.ppc64le.rpm SHA-256: fb1164ad0667afb802b23c0cf5a2f71e80e0031e9975d6e6dd33202002de6ec2 rhc-debuginfo-0.2.5-7.el8_10.ppc64le.rpm SHA-256: bf5c6a7afcc69232bff4261daaceec75667959c2e873f23af30a6cdd9b08b8f1 rhc-debugsource-0.2.5-7.el8_10.ppc64le.rpm SHA-256: 93874709afe56de11974e97b8eb8626ba0ea4456adf8da88a8fec3aa6f39a6a2 Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 8.10 SRPM rhc-0.2.5-7.el8_10.src.rpm SHA-256: c352a2f468b37d1d1477668a2199acd71949bdaf0ffe7fdb9ad1a8804c8509a0 s390x rhc-0.2.5-7.el8_10.s390x.rpm SHA-256: 3e3a5462ea747ebe76d1fd8b6b2d4063e13ed6e12da61ff6bfce3c3507b9f559 rhc-debuginfo-0.2.5-7.el8_10.s390x.rpm SHA-256: 94b8351e69495e773e78fe1e6ab3d0776c77cd3a04368ab9bd284d208ff5904b rhc-debugsource-0.2.5-7.el8_10.s390x.rpm SHA-256: 00dd4646c1a040ad06ca9a567827b00fb93a6d16d046d789e3bb0e794aa1aa9a The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .

Related Articles

HIGH RHSA-2026:16875: Important: git-lfs security update Red Hat Errata HIGH RHSA-2026:19135: Important: opentelemetry-collector security update Red Hat Errata HIGH RHSA-2026:19350: Important: git-lfs security update Red Hat Errata HIGH RHSA-2026:19839: Important: grafana-pcp security update Red Hat Errata
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn