Security News

Cybersecurity news aggregator

🔄
HIGH Updates Red Hat Errata

RHSA-2026:16498: Important: golang security update

redhatgolangcve-2026-27140
A vulnerability (CVE-2026-27140) in the Go compiler's `cmd/go` tool allows arbitrary code execution via malicious SWIG file names during builds. The CVSS 3.1 base score is 8.8 (High). Affected versions are Go 1.x prior to 1.25.9, and Go 1.26.0 through 1.26.1; the fixed versions are Go 1.25.9 and Go 1.26.2.
Read Full Article →

Red Hat Product Errata RHSA-2026:16498 - Security Advisory Issued: 2026-05-12 Updated: 2026-05-12 RHSA-2026:16498 - Security Advisory Overview Updated Packages Synopsis Important: golang security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for golang is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The golang packages provide the Go programming language compiler. Security Fix(es): cmd/go: golang: Go (golang) and cmd/go: Arbitrary Code Execution via malicious SWIG file names (CVE-2026-27140) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux Server - AUS 9.2 x86_64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.2 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.2 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.2 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.2 s390x Fixes BZ - 2456341 - CVE-2026-27140 cmd/go: golang: Go (golang) and cmd/go: Arbitrary Code Execution via malicious SWIG file names CVEs CVE-2026-27140 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Server - AUS 9.2 SRPM golang-1.19.13-25.el9_2.src.rpm SHA-256: 55140c5de1522fafe39b3ac8f2449f5dc4af5eaee75a035a4f823b17b070bb00 x86_64 golang-1.19.13-25.el9_2.x86_64.rpm SHA-256: 3957bb37b91a636313b0bf4eca134c7f68327168f7ff871050f2d8c0c9a2fe83 golang-bin-1.19.13-25.el9_2.x86_64.rpm SHA-256: cd52cdaaa228b7df4d50fe851859956407141ceb3808c89afdab06fa28852d58 golang-docs-1.19.13-25.el9_2.noarch.rpm SHA-256: 64b2e070e9c8c4c42b3ba54757fe8466079b4a977c8aa1fe96101f0f52a97087 golang-misc-1.19.13-25.el9_2.noarch.rpm SHA-256: 34a567615c7c0508973c756536c3fa3366d309d0d0d9e8fad10aa5e42728e9f6 golang-race-1.19.13-25.el9_2.x86_64.rpm SHA-256: 664d4fe3802f48131995469e64c453ade38d0d756d18537c943eac4275632a14 golang-src-1.19.13-25.el9_2.noarch.rpm SHA-256: de6afb3976887a8d953a68f711a36d0e4a1af229ad6af29325e9a6d07d3ab37c golang-tests-1.19.13-25.el9_2.noarch.rpm SHA-256: 7077a3152ec5386073586fa197ac412dd4193b9b7113759d3a029ec620959d95 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 SRPM golang-1.19.13-25.el9_2.src.rpm SHA-256: 55140c5de1522fafe39b3ac8f2449f5dc4af5eaee75a035a4f823b17b070bb00 ppc64le golang-1.19.13-25.el9_2.ppc64le.rpm SHA-256: f5a50ee445817c64d804dd4ecce754b0477a4583f9ee5c22c65c4e47477e32c5 golang-bin-1.19.13-25.el9_2.ppc64le.rpm SHA-256: f02d6d334e9d4a07b17ee1e575a399049c880eed9a2da1e084a70d0a8a6520ce golang-docs-1.19.13-25.el9_2.noarch.rpm SHA-256: 64b2e070e9c8c4c42b3ba54757fe8466079b4a977c8aa1fe96101f0f52a97087 golang-misc-1.19.13-25.el9_2.noarch.rpm SHA-256: 34a567615c7c0508973c756536c3fa3366d309d0d0d9e8fad10aa5e42728e9f6 golang-src-1.19.13-25.el9_2.noarch.rpm SHA-256: de6afb3976887a8d953a68f711a36d0e4a1af229ad6af29325e9a6d07d3ab37c golang-tests-1.19.13-25.el9_2.noarch.rpm SHA-256: 7077a3152ec5386073586fa197ac412dd4193b9b7113759d3a029ec620959d95 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 SRPM golang-1.19.13-25.el9_2.src.rpm SHA-256: 55140c5de1522fafe39b3ac8f2449f5dc4af5eaee75a035a4f823b17b070bb00 x86_64 golang-1.19.13-25.el9_2.x86_64.rpm SHA-256: 3957bb37b91a636313b0bf4eca134c7f68327168f7ff871050f2d8c0c9a2fe83 golang-bin-1.19.13-25.el9_2.x86_64.rpm SHA-256: cd52cdaaa228b7df4d50fe851859956407141ceb3808c89afdab06fa28852d58 golang-docs-1.19.13-25.el9_2.noarch.rpm SHA-256: 64b2e070e9c8c4c42b3ba54757fe8466079b4a977c8aa1fe96101f0f52a97087 golang-misc-1.19.13-25.el9_2.noarch.rpm SHA-256: 34a567615c7c0508973c756536c3fa3366d309d0d0d9e8fad10aa5e42728e9f6 golang-race-1.19.13-25.el9_2.x86_64.rpm SHA-256: 664d4fe3802f48131995469e64c453ade38d0d756d18537c943eac4275632a14 golang-src-1.19.13-25.el9_2.noarch.rpm SHA-256: de6afb3976887a8d953a68f711a36d0e4a1af229ad6af29325e9a6d07d3ab37c golang-tests-1.19.13-25.el9_2.noarch.rpm SHA-256: 7077a3152ec5386073586fa197ac412dd4193b9b7113759d3a029ec620959d95 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 SRPM golang-1.19.13-25.el9_2.src.rpm SHA-256: 55140c5de1522fafe39b3ac8f2449f5dc4af5eaee75a035a4f823b17b070bb00 aarch64 golang-1.19.13-25.el9_2.aarch64.rpm SHA-256: 91d1a07ce4eaa9686c970c3daf3a5324ac07d49156bf7f8ea608c9817243a1b5 golang-bin-1.19.13-25.el9_2.aarch64.rpm SHA-256: ccb44a5ea24c6b77b524367d42214232a6db5388fb8cadf3196acda50e555691 golang-docs-1.19.13-25.el9_2.noarch.rpm SHA-256: 64b2e070e9c8c4c42b3ba54757fe8466079b4a977c8aa1fe96101f0f52a97087 golang-misc-1.19.13-25.el9_2.noarch.rpm SHA-256: 34a567615c7c0508973c756536c3fa3366d309d0d0d9e8fad10aa5e42728e9f6 golang-src-1.19.13-25.el9_2.noarch.rpm SHA-256: de6afb3976887a8d953a68f711a36d0e4a1af229ad6af29325e9a6d07d3ab37c golang-tests-1.19.13-25.el9_2.noarch.rpm SHA-256: 7077a3152ec5386073586fa197ac412dd4193b9b7113759d3a029ec620959d95 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 SRPM golang-1.19.13-25.el9_2.src.rpm SHA-256: 55140c5de1522fafe39b3ac8f2449f5dc4af5eaee75a035a4f823b17b070bb00 s390x golang-1.19.13-25.el9_2.s390x.rpm SHA-256: e52f749f1f27937a0825729a4437e8503a6ea14809cfc33e5272c34915aa6c0c golang-bin-1.19.13-25.el9_2.s390x.rpm SHA-256: 9c807cd0a9b9e65ce6ec98e49e09cc3803a422882497558d993026254185670f golang-docs-1.19.13-25.el9_2.noarch.rpm SHA-256: 64b2e070e9c8c4c42b3ba54757fe8466079b4a977c8aa1fe96101f0f52a97087 golang-misc-1.19.13-25.el9_2.noarch.rpm SHA-256: 34a567615c7c0508973c756536c3fa3366d309d0d0d9e8fad10aa5e42728e9f6 golang-src-1.19.13-25.el9_2.noarch.rpm SHA-256: de6afb3976887a8d953a68f711a36d0e4a1af229ad6af29325e9a6d07d3ab37c golang-tests-1.19.13-25.el9_2.noarch.rpm SHA-256: 7077a3152ec5386073586fa197ac412dd4193b9b7113759d3a029ec620959d95 Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.2 SRPM golang-1.19.13-25.el9_2.src.rpm SHA-256: 55140c5de1522fafe39b3ac8f2449f5dc4af5eaee75a035a4f823b17b070bb00 x86_64 golang-1.19.13-25.el9_2.x86_64.rpm SHA-256: 3957bb37b91a636313b0bf4eca134c7f68327168f7ff871050f2d8c0c9a2fe83 golang-bin-1.19.13-25.el9_2.x86_64.rpm SHA-256: cd52cdaaa228b7df4d50fe851859956407141ceb3808c89afdab06fa28852d58 golang-docs-1.19.13-25.el9_2.noarch.rpm SHA-256: 64b2e070e9c8c4c42b3ba54757fe8466079b4a977c8aa1fe96101f0f52a97087 golang-misc-1.19.13-25.el9_2.noarch.rpm SHA-256: 34a567615c7c0508973c756536c3fa3366d309d0d0d9e8fad10aa5e42728e9f6 golang-race-1.19.13-25.el9_2.x86_64.rpm SHA-256: 664d4fe3802f48131995469e64c453ade38d0d756d18537c943eac4275632a14 golang-src-1.19.13-25.el9_2.noarch.rpm SHA-256: de6afb3976887a8d953a68f711a36d0e4a1af229ad6af29325e9a6d07d3ab37c golang-tests-1.19.13-25.el9_2.noarch.rpm SHA-256: 7077a3152ec5386073586fa197ac412dd4193b9b7113759d3a029ec620959d95 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.2 SRPM golang-1.19.13-25.el9_2.src.rpm SHA-256: 55140c5de1522fafe39b3ac8f2449f5dc4af5eaee75a035a4f823b17b070bb00 aarch64 golang-1.19.13-25.el9_2.aarch64.rpm SHA-256: 91d1a07ce4eaa9686c970c3daf3a5324ac07d49156bf7f8ea608c9817243a1b5 golang-bin-1.19.13-25.el9_2.aarch64.rpm SHA-256: ccb44a5ea24c6b77b524367d42214232a6db5388fb8cadf3196acda50e555691 golang-docs-1.19.13-25.el9_2.noarch.rpm SHA-256: 64b2e070e9c8c4c42b3ba54757fe8466079b4a977c8aa1fe96101f0f52a97087 golang-misc-1.19.13-25.el9_2.noarch.rpm SHA-256: 34a567615c7c0508973c756536c3fa3366d309d0d0d9e8fad10aa5e42728e9f6 golang-src-1.19.13-25.el9_2.noarch.rpm SHA-256: de6afb3976887a8d953a68f711a36d0e4a1af229ad6af29325e9a6d07d3ab37c golang-tests-1.19.13-25.el9_2.noarch.rpm SHA-256: 7077a3152ec5386073586fa197ac412dd4193b9b7113759d3a029ec620959d95 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.2 SRPM golang-1.19.13-25.el9_2.src.rpm SHA-256: 55140c5de1522fafe39b3ac8f2449f5dc4af5eaee75a035a4f823b17b070bb00 ppc64le golang-1.19.13-25.el9_2.ppc64le.rpm SHA-256: f5a50ee445817c64d804dd4ecce754b0477a4583f9ee5c22c65c4e47477e32c5 golang-bin-1.19.13-25.el9_2.ppc64le.rpm SHA-256: f02d6d334e9d4a07b17ee1e575a399049c880eed9a2da1e084a70d0a8a6520ce golang-docs-1.19.13-25.el9_2.noarch.rpm SHA-256: 64b2e070e9c8c4c42b3ba54757fe8466079b4a977c8aa1fe96101f0f52a97087 golang-misc-1.19.13-25.el9_2.noarch.rpm SHA-256: 34a567615c7c0508973c756536c3fa3366d309d0d0d9e8fad10aa5e42728e9f6 golang-src-1.19.13-25.el9_2.noarch.rpm SHA-256: de6afb3976887a8d953a68f711a36d0e4a1af229ad6af29325e9a6d07d3ab37c golang-tests-1.19.13-25.el9_2.noarch.rpm SHA-256: 7077a3152ec5386073586fa197ac412dd4193b9b7113759d3a029ec620959d95 Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.2 SRPM golang-1.19.13-25.el9_2.src.rpm SHA-256: 55140c5de1522fafe39b3ac8f2449f5dc4af5eaee75a035a4f823b17b070bb00 s390x golang-1.19.13-25.el9_2.s390x.rpm SHA-256: e52f749f1f27937a0825729a4437e8503a6ea14809cfc33e5272c34915aa6c0c golang-bin-1.19.13-25.el9_2.s390x.rpm SHA-256: 9c807cd0a9b9e65ce6ec98e49e09cc3803a422882497558d993026254185670f golang-docs-1.19.13-25.el9_2.no

Related Articles

INFO RHSA-2026:16024: Important: golang security update Red Hat Errata HIGH RHSA-2026:16021: Important: golang security update Red Hat Errata HIGH RHSA-2026:16698: Important: go-toolset:rhel8 security update Red Hat Errata HIGH RHSA-2026:16694: Important: go-toolset:rhel8 security update Red Hat Errata
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn