Red Hat Product Errata RHSA-2026:16698 - Security Advisory Issued: 2026-05-13 Updated: 2026-05-13 RHSA-2026:16698 - Security Advisory Overview Updated Packages Synopsis Important: go-toolset:rhel8 security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): cmd/go: golang: Go (golang) and cmd/go: Arbitrary Code Execution via malicious SWIG file names (CVE-2026-27140) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4 x86_64 Red Hat Enterprise Linux Server - AUS 8.4 x86_64 Fixes BZ - 2456341 - CVE-2026-27140 cmd/go: golang: Go (golang) and cmd/go: Arbitrary Code Execution via malicious SWIG file names CVEs CVE-2026-27140 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4 SRPM delve-1.5.0-2.module+el8.4.0+8864+58b0fcdb.src.rpm SHA-256: 82330956b947a41b6641b4a58b476507d2aadb0fb314fb775c2a12bb8786733d go-toolset-1.15.14-3.module+el8.4.0+22765+91da4d3f.src.rpm SHA-256: 60c380bd18f2ebad31ca78dcf75724e54134583a8b8d46d6d0867d167b39a70d golang-1.15.14-22.module+el8.4.0+24267+d2faeddf.src.rpm SHA-256: 1259ab4e7f0f8dc1156a426b453b22f4e93a2c3e24c0cbd0e1fcaef874386f95 x86_64 delve-1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64.rpm SHA-256: ea15304bd24355b219103aaf4c774ca82ec47b9def5f4bd2c38b125ad914fe8a delve-debuginfo-1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64.rpm SHA-256: 94e586cbd77e5cc8b98fda58a90d5ff365ddab1d155dd5f4e0ad4eac90e7ce1f delve-debugsource-1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64.rpm SHA-256: f654ab129b47aa437f717237ffc37c66a4716d81ac8575066939c76811eb0c6b go-toolset-1.15.14-3.module+el8.4.0+22765+91da4d3f.x86_64.rpm SHA-256: 1ce3686ed1e446ef30b0d7ff75718b2098a04f1703f84d00086359ed90bb348e golang-1.15.14-22.module+el8.4.0+24267+d2faeddf.x86_64.rpm SHA-256: 158fa30296e1ccba0a33df949201783a88b8e49f89e922cc939a1923910da500 golang-bin-1.15.14-22.module+el8.4.0+24267+d2faeddf.x86_64.rpm SHA-256: 950ec652914a80c6aa12b2032af5388ccfcac5aa8a6775787b1435e65c464695 golang-docs-1.15.14-22.module+el8.4.0+24267+d2faeddf.noarch.rpm SHA-256: 5081785cf0b052bffc86b2a8b57830aa4e0d5219abbafad6d54ed46e4d3b9ad6 golang-misc-1.15.14-22.module+el8.4.0+24267+d2faeddf.noarch.rpm SHA-256: e900b0e9ccdc0db5fd1542fd67a8c9e8d706f210e31b534713a8594bb305a633 golang-race-1.15.14-22.module+el8.4.0+24267+d2faeddf.x86_64.rpm SHA-256: b2b93845d1c341a1aee96d20a2863f4db7d9d9584771cd2f9943917072c0fa73 golang-src-1.15.14-22.module+el8.4.0+24267+d2faeddf.noarch.rpm SHA-256: aebc112bfd34867bc2b60ceaf8cd7748473b051f636cfb9b53f69a95ef874cc5 golang-tests-1.15.14-22.module+el8.4.0+24267+d2faeddf.noarch.rpm SHA-256: 6cab887cd50e15d019f7470fc4a0b88c4db668281c65c593e64023d4714a74da Red Hat Enterprise Linux Server - AUS 8.4 SRPM delve-1.5.0-2.module+el8.4.0+8864+58b0fcdb.src.rpm SHA-256: 82330956b947a41b6641b4a58b476507d2aadb0fb314fb775c2a12bb8786733d go-toolset-1.15.14-3.module+el8.4.0+22765+91da4d3f.src.rpm SHA-256: 60c380bd18f2ebad31ca78dcf75724e54134583a8b8d46d6d0867d167b39a70d golang-1.15.14-22.module+el8.4.0+24267+d2faeddf.src.rpm SHA-256: 1259ab4e7f0f8dc1156a426b453b22f4e93a2c3e24c0cbd0e1fcaef874386f95 x86_64 delve-1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64.rpm SHA-256: ea15304bd24355b219103aaf4c774ca82ec47b9def5f4bd2c38b125ad914fe8a delve-debuginfo-1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64.rpm SHA-256: 94e586cbd77e5cc8b98fda58a90d5ff365ddab1d155dd5f4e0ad4eac90e7ce1f delve-debugsource-1.5.0-2.module+el8.4.0+8864+58b0fcdb.x86_64.rpm SHA-256: f654ab129b47aa437f717237ffc37c66a4716d81ac8575066939c76811eb0c6b go-toolset-1.15.14-3.module+el8.4.0+22765+91da4d3f.x86_64.rpm SHA-256: 1ce3686ed1e446ef30b0d7ff75718b2098a04f1703f84d00086359ed90bb348e golang-1.15.14-22.module+el8.4.0+24267+d2faeddf.x86_64.rpm SHA-256: 158fa30296e1ccba0a33df949201783a88b8e49f89e922cc939a1923910da500 golang-bin-1.15.14-22.module+el8.4.0+24267+d2faeddf.x86_64.rpm SHA-256: 950ec652914a80c6aa12b2032af5388ccfcac5aa8a6775787b1435e65c464695 golang-docs-1.15.14-22.module+el8.4.0+24267+d2faeddf.noarch.rpm SHA-256: 5081785cf0b052bffc86b2a8b57830aa4e0d5219abbafad6d54ed46e4d3b9ad6 golang-misc-1.15.14-22.module+el8.4.0+24267+d2faeddf.noarch.rpm SHA-256: e900b0e9ccdc0db5fd1542fd67a8c9e8d706f210e31b534713a8594bb305a633 golang-race-1.15.14-22.module+el8.4.0+24267+d2faeddf.x86_64.rpm SHA-256: b2b93845d1c341a1aee96d20a2863f4db7d9d9584771cd2f9943917072c0fa73 golang-src-1.15.14-22.module+el8.4.0+24267+d2faeddf.noarch.rpm SHA-256: aebc112bfd34867bc2b60ceaf8cd7748473b051f636cfb9b53f69a95ef874cc5 golang-tests-1.15.14-22.module+el8.4.0+24267+d2faeddf.noarch.rpm SHA-256: 6cab887cd50e15d019f7470fc4a0b88c4db668281c65c593e64023d4714a74da The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .