Red Hat Product Errata RHSA-2026:18326 - Security Advisory Issued: 2026-05-19 Updated: 2026-05-19 RHSA-2026:18326 - Security Advisory Overview Updated Packages Synopsis Moderate: libvirt security update Type/Severity Security Advisory: Moderate Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for libvirt is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Kernel-based Virtual Machine (KVM) offers a full virtualization solution forLinux on numerous hardware platforms. The virt:rhel module contains packageswhich provide user-space components used to run virtual machines using KVM.The packages also provide APIs for managing and interacting with the virtualized systems. Security Fix(es): libvirt: Denial of service in XML parsing (CVE-2025-12748) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 10 Release Notes linked from the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 10 x86_64 Red Hat Enterprise Linux for IBM z Systems 10 s390x Red Hat Enterprise Linux for Power, little endian 10 ppc64le Red Hat Enterprise Linux for ARM 64 10 aarch64 Red Hat CodeReady Linux Builder for x86_64 10 x86_64 Red Hat CodeReady Linux Builder for Power, little endian 10 ppc64le Red Hat CodeReady Linux Builder for ARM 64 10 aarch64 Red Hat CodeReady Linux Builder for IBM z Systems 10 s390x Fixes BZ - 2413801 - CVE-2025-12748 libvirt: Denial of service in XML parsing RHEL-110191 - virtqemud crash while detach disk by virsh cmd detach-device-alias concurrently RHEL-72006 - virsh edit can not set "discard_granularity=0" for virtio-blk device RHEL-104238 - Rebase libvirt in RHEL-10.2 RHEL-113574 - Migration fails if qcow2 overlay with data-file is not on shared storage RHEL-62032 - Better error message when attaching unsupported controller RHEL-7038 - optimize CPU flag probing QMP conversation RHEL-79806 - libvirt: Integrate passt --hostname --fqdn options RHEL-92842 - passt process is not cleaned when create a user session domain with vhostuser passt RHEL-95749 - libvirt need add support for USB CD-ROM drive RHEL-87522 - Should reject to config readonly parameter in virtiofs xml for externally launched virtiofsd RHEL-95818 - Improve consistency and usability of 'manual' disk snapshot mode RHEL-80679 - [RFE] Keep vm/qemu around after guest OS shutdown (if backup job is running) RHEL-102925 - The second time migration fails with shared vtpm state RHEL-104216 - Can not cross migrate guest with multiple cpu threads [rhel10.2] RHEL-104427 - Conflict with earlier configuration for group 'kvm' RHEL-118671 - Expose block limits of block nodes RHEL-122751 - Virsh can't guest xml from VMware if guest's second disk is in sub-folder RHEL-126945 - race condition restoring selinux labels RHEL-100716 - libvirt support for loading multiple sets of x509 certificates for PQC hybrid mode RHEL-114412 - Get AVC denials when destroy guest with block disk and snapshots RHEL-138300 - Can't connect VMware env via ipv6 address by virsh [rhel-10.2] RHEL-141820 - virtqemud crashes on the second call dom.setThrottleGroup() [rhel-10] RHEL-144089 - virqemud crash when reverting/deleting external snapshots [rhel-10] RHEL-145080 - Improve debugging of ESX connection URI lookups RHEL-126346 - [RHEL 10.1] libvirt iommufd support for safe device pass-through for TDX RHEL-131335 - [RFE] Add libvirt API for block latency histograms [rhel-10] RHEL-135115 - Libvirt: Support live migration when persistent reservation are used [rhel-10] RHEL-145769 - incremental backup bitmap migration for non-shared qcow2 with data-file contents which are shared RHEL-150351 - Add hotplug support for host device with IOMMUFD RHEL-82645 - [aarch64] [libvirt] UEFI writable variable service in QEMU RHEL-151916 - Virtqemud crash when VFIO hotplug a device CVEs CVE-2025-12748 References https://access.redhat.com/security/updates/classification/#moderate https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/10/html/10.2_release_notes/index Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 10 SRPM libvirt-11.10.0-12.el10_2.src.rpm SHA-256: 4537a6aabaaa4342ca8dc5794f3aab5d5f231888768168587ee612f6b41574b9 x86_64 libvirt-11.10.0-12.el10_2.x86_64.rpm SHA-256: 3dfb0db633465063ca304f5543ca22cc7bc958229b23a88289deca1a45dc5c5b libvirt-client-11.10.0-12.el10_2.x86_64.rpm SHA-256: d35f4b0126e724809eed9822e1b3a34036236cea2c8d5bb3a14703abfa3ef22f libvirt-client-debuginfo-11.10.0-12.el10_2.x86_64.rpm SHA-256: c3e64885397618e5743da09d5c696fb33cdf809eb5fa2d4cb24d2a6dc718c0ee libvirt-client-qemu-11.10.0-12.el10_2.x86_64.rpm SHA-256: 3408da05e9220fb4be3e2f2620a276afe9cde2538f47de78732899db5e9509f4 libvirt-daemon-11.10.0-12.el10_2.x86_64.rpm SHA-256: 3cf24119ad798d789fa1d835435cf463e391b99f2a7baaa0b0411373588bb2bb libvirt-daemon-common-11.10.0-12.el10_2.x86_64.rpm SHA-256: b5468e9782296823b1bf405f7ea76dcc0d7466c52b6bab7733399eb33bc2cdce libvirt-daemon-common-debuginfo-11.10.0-12.el10_2.x86_64.rpm SHA-256: 9223cf41082eb0e73f88f4b4d1be6a1a720236c1947511b027c5fe6c04337f21 libvirt-daemon-config-network-11.10.0-12.el10_2.x86_64.rpm SHA-256: 8818ac7e104dc220b248a63d393a4bacac6862a7f66a3a1e3e10ea70a1068832 libvirt-daemon-config-nwfilter-11.10.0-12.el10_2.x86_64.rpm SHA-256: 157b0a77fdcfeaba4250a221857214b9c41c713d05ac86dc095fb3cd17ea3f6b libvirt-daemon-debuginfo-11.10.0-12.el10_2.x86_64.rpm SHA-256: 9db2c965d1712c24eb929adc6771f02416fbfd0f719dcc51dfa3ab22afde6074 libvirt-daemon-driver-interface-11.10.0-12.el10_2.x86_64.rpm SHA-256: fd2965d311cadd9d6033a8b663aedf2dac4e8beffbb04c16b19a5a4c7b98adf4 libvirt-daemon-driver-interface-debuginfo-11.10.0-12.el10_2.x86_64.rpm SHA-256: eb32f3b7b888618529a4a92d0866923b1737887dbc0fe2f15bd6f66844051345 libvirt-daemon-driver-network-11.10.0-12.el10_2.x86_64.rpm SHA-256: fe9db60339197295076e98384182983c9e017237320e7effeafc01d955e6aa68 libvirt-daemon-driver-network-debuginfo-11.10.0-12.el10_2.x86_64.rpm SHA-256: e7cf4d9b54c958079bedb7efdac7f20b97500ab54b7239df51aac502070f9cb6 libvirt-daemon-driver-nodedev-11.10.0-12.el10_2.x86_64.rpm SHA-256: dec1356b94aee1c98b62ac67417ccde7389984adce6cb964fac057ad490ab94e libvirt-daemon-driver-nodedev-debuginfo-11.10.0-12.el10_2.x86_64.rpm SHA-256: 4808eab08c6577983454e0370c91f7f1874602702b5f792cb9661ef1c2a4a181 libvirt-daemon-driver-nwfilter-11.10.0-12.el10_2.x86_64.rpm SHA-256: fad9cabd1f550bac907a2c4747436e0338e7ef48dbbfd3131827c1fc2d1dd747 libvirt-daemon-driver-nwfilter-debuginfo-11.10.0-12.el10_2.x86_64.rpm SHA-256: d77f860d67260aad9a2a4d1ad8d9ca4342a2876666ef1a126abc51f2551cec8d libvirt-daemon-driver-qemu-11.10.0-12.el10_2.x86_64.rpm SHA-256: 49003bd46bc1159ec890ad67d671a9a2e06118ba766a44e88ebb8cb4c9f2bd6d libvirt-daemon-driver-qemu-debuginfo-11.10.0-12.el10_2.x86_64.rpm SHA-256: bc6994911223cf5c5cda122ddf376d6a2f84c791e0db85cdb6780d48d8150e79 libvirt-daemon-driver-secret-11.10.0-12.el10_2.x86_64.rpm SHA-256: 6793c057eec1bdc5ce49fb1638b4753fc675d86c94fb9e05fc053a9260d1b892 libvirt-daemon-driver-secret-debuginfo-11.10.0-12.el10_2.x86_64.rpm SHA-256: 44cbfac8be5a45f2bc851fdd3d79a0e5e42a49ddc7d8bd357a9c40c233ada5ed libvirt-daemon-driver-storage-11.10.0-12.el10_2.x86_64.rpm SHA-256: 01150f4531d44d22fc6b260fbc1289a10ab2e1f3846041a592029aa9e604cef8 libvirt-daemon-driver-storage-core-11.10.0-12.el10_2.x86_64.rpm SHA-256: 3c33e60b57786754513ad37a9286d30399baa0b6d26909dfce275d2627c2dd9a libvirt-daemon-driver-storage-core-debuginfo-11.10.0-12.el10_2.x86_64.rpm SHA-256: 24c726feeaf04acba2f017c0cbb1d557c5283951a1d8b83e006783ff5383d88a libvirt-daemon-driver-storage-disk-11.10.0-12.el10_2.x86_64.rpm SHA-256: da661d7400049e3d7367ede4e20bd814f92abd4979b6da5bc53f53bc958d9692 libvirt-daemon-driver-storage-disk-debuginfo-11.10.0-12.el10_2.x86_64.rpm SHA-256: 0de05feb6246596ace69cf1e1b422dbfc61b95ca998bdc2ab5c63b6a96242054 libvirt-daemon-driver-storage-iscsi-11.10.0-12.el10_2.x86_64.rpm SHA-256: 454be557226112b9c7b7a5a17ca1fd4e9c7850c900bb931478a80b6d4c5c8e9c libvirt-daemon-driver-storage-iscsi-debuginfo-11.10.0-12.el10_2.x86_64.rpm SHA-256: 60573e44d6e36f5abc3bb5336b74beded074cb17e27062f3db16090f9930a9cd libvirt-daemon-driver-storage-logical-11.10.0-12.el10_2.x86_64.rpm SHA-256: d491913e265cc3aec7873e4d09191f50b608c0048871a1580f412755b627247d libvirt-daemon-driver-storage-logical-debuginfo-11.10.0-12.el10_2.x86_64.rpm SHA-256: d08686932105463ce36e6562ac7427c500b6d06a8960e8f5855a34a6445a60a5 libvirt-daemon-driver-storage-mpath-11.10.0-12.el10_2.x86_64.rpm SHA-256: 0e97cd906bf9d90afb2822eecf7fb0d6bd8d376d3eab4129f0d5a275f2acf619 libvirt-daemon-driver-storage-mpath-debuginfo-11.10.0-12.el10_2.x86_64.rpm SHA-256: 0bda594da00ddcf0d5758b2c569af69cd3e7c117cd0762b4d535f1486e1aa616 libvirt-daemon-driver-storage-rbd-11.10.0-12.el10_2.x86_64.rpm SHA-256: 6a933587c49d0aa863f55e57784df1dd9e4e9953ac639b4672ca27f08adf7d55 libvirt-daemon-driver-storage-rbd-debuginfo-11.10.0-12.el10_2.x86_64.rpm SHA-256: 21b4d061fa2fd036ba87c1c010dd7a132cbe11788f74a8f1dd7c4fc7bf528335 libvirt-daemon-driver-storage-scsi-11.10.0-12.el10_2.x86_64.rpm SHA-256: 0e4fdf5b07c0e8815591ca76f979b2b8fedf1dd05f37eabc3d8c5d7600269e5b libvirt-daemon-driver-storage-scsi-debuginfo-11.10.0-12.el10_2.x86_64.rpm SHA-256: 7b48878a2d4f058a24c7abdefbba8df74