This security update for the `rhc` client on RHEL 9 addresses two vulnerabilities: an IPv6 parsing flaw in Go's net/url package (CVE-2026-25679, CVSS 7.5 HIGH) and a critical authorization bypass in gRPC-Go due to improper HTTP/2 path validation (CVE-2026-33186, CVSS 9.1 CRITICAL). The Go vulnerability affects versions prior to 1.25.8 and version 1.26.0, while the gRPC-Go vulnerability affects versions prior to 1.79.3. The advisory provides a link to Red Hat's solution for applying the update.
Red Hat Product Errata RHSA-2026:19207 - Security Advisory Issued: 2026-05-19 Updated: 2026-05-19 RHSA-2026:19207 - Security Advisory Overview Updated Packages Synopsis Important: rhc security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for rhc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description rhc is a client tool and daemon that connects the system to Red Hat hosted services enabling system and subscription management. Security Fix(es): net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679) google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation (CVE-2026-33186) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 9 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 x86_64 Red Hat Enterprise Linux for IBM z Systems 9 s390x Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 s390x Red Hat Enterprise Linux for Power, little endian 9 ppc64le Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 ppc64le Red Hat Enterprise Linux for ARM 64 9 aarch64 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 x86_64 Red Hat CodeReady Linux Builder for x86_64 9 x86_64 Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le Red Hat CodeReady Linux Builder for ARM 64 9 aarch64 Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.8 x86_64 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.8 ppc64le Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.8 s390x Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.8 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.8 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.8 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.8 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.8 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.8 s390x Fixes BZ - 2445356 - CVE-2026-25679 net/url: Incorrect parsing of IPv6 host literals in net/url BZ - 2449833 - CVE-2026-33186 google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation CVEs CVE-2026-25679 CVE-2026-33186 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 9 SRPM rhc-0.2.7-5.el9_8.src.rpm SHA-256: 933936f4700038881b748f982ef8b102792cbb51c1fb0925ecfb9be2fd18c0f8 x86_64 rhc-0.2.7-5.el9_8.x86_64.rpm SHA-256: 2fe68bf7ea7349bf706ba5d4ac1dd0d19b1f570e292f5b8aef8b97fc015abbd1 rhc-debuginfo-0.2.7-5.el9_8.x86_64.rpm SHA-256: e8219f1067a989cc58f3fdcb07df5111d6d40526adfe74c02b2cec316fee767d rhc-debugsource-0.2.7-5.el9_8.x86_64.rpm SHA-256: ed8ac830b6b9b522458ee1f98732936d963af6afedad136a71cf3eea53be895a Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 SRPM rhc-0.2.7-5.el9_8.src.rpm SHA-256: 933936f4700038881b748f982ef8b102792cbb51c1fb0925ecfb9be2fd18c0f8 x86_64 rhc-0.2.7-5.el9_8.x86_64.rpm SHA-256: 2fe68bf7ea7349bf706ba5d4ac1dd0d19b1f570e292f5b8aef8b97fc015abbd1 rhc-debuginfo-0.2.7-5.el9_8.x86_64.rpm SHA-256: e8219f1067a989cc58f3fdcb07df5111d6d40526adfe74c02b2cec316fee767d rhc-debugsource-0.2.7-5.el9_8.x86_64.rpm SHA-256: ed8ac830b6b9b522458ee1f98732936d963af6afedad136a71cf3eea53be895a Red Hat Enterprise Linux for IBM z Systems 9 SRPM rhc-0.2.7-5.el9_8.src.rpm SHA-256: 933936f4700038881b748f982ef8b102792cbb51c1fb0925ecfb9be2fd18c0f8 s390x rhc-0.2.7-5.el9_8.s390x.rpm SHA-256: f14d624e3155e2adccfa8234438a574ae9e57d61c1da3723871c4760dead1640 rhc-debuginfo-0.2.7-5.el9_8.s390x.rpm SHA-256: d6704ee905a20dbf2fa33f6de10a50d532528256c47b916533c1c1ef563e457b rhc-debugsource-0.2.7-5.el9_8.s390x.rpm SHA-256: 45e2ce6616c564e7e9947b2747c293093cb7ede0e334a9971d21709182b2c24f Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 SRPM rhc-0.2.7-5.el9_8.src.rpm SHA-256: 933936f4700038881b748f982ef8b102792cbb51c1fb0925ecfb9be2fd18c0f8 s390x rhc-0.2.7-5.el9_8.s390x.rpm SHA-256: f14d624e3155e2adccfa8234438a574ae9e57d61c1da3723871c4760dead1640 rhc-debuginfo-0.2.7-5.el9_8.s390x.rpm SHA-256: d6704ee905a20dbf2fa33f6de10a50d532528256c47b916533c1c1ef563e457b rhc-debugsource-0.2.7-5.el9_8.s390x.rpm SHA-256: 45e2ce6616c564e7e9947b2747c293093cb7ede0e334a9971d21709182b2c24f Red Hat Enterprise Linux for Power, little endian 9 SRPM rhc-0.2.7-5.el9_8.src.rpm SHA-256: 933936f4700038881b748f982ef8b102792cbb51c1fb0925ecfb9be2fd18c0f8 ppc64le rhc-0.2.7-5.el9_8.ppc64le.rpm SHA-256: 4ca636e47d9d0c4d9273532d56c59570d89864df3be1c40791687a6892353add rhc-debuginfo-0.2.7-5.el9_8.ppc64le.rpm SHA-256: b2ddaf878022af58dbc32385d857facb3e7a16232e0b99a2cfe78d8ee85cc4df rhc-debugsource-0.2.7-5.el9_8.ppc64le.rpm SHA-256: e4392bf0e55c4a805b1d8ff7be86d6089d8a5604fed3e6dd13b5e7e9e5b9abd3 Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 SRPM rhc-0.2.7-5.el9_8.src.rpm SHA-256: 933936f4700038881b748f982ef8b102792cbb51c1fb0925ecfb9be2fd18c0f8 ppc64le rhc-0.2.7-5.el9_8.ppc64le.rpm SHA-256: 4ca636e47d9d0c4d9273532d56c59570d89864df3be1c40791687a6892353add rhc-debuginfo-0.2.7-5.el9_8.ppc64le.rpm SHA-256: b2ddaf878022af58dbc32385d857facb3e7a16232e0b99a2cfe78d8ee85cc4df rhc-debugsource-0.2.7-5.el9_8.ppc64le.rpm SHA-256: e4392bf0e55c4a805b1d8ff7be86d6089d8a5604fed3e6dd13b5e7e9e5b9abd3 Red Hat Enterprise Linux for ARM 64 9 SRPM rhc-0.2.7-5.el9_8.src.rpm SHA-256: 933936f4700038881b748f982ef8b102792cbb51c1fb0925ecfb9be2fd18c0f8 aarch64 rhc-0.2.7-5.el9_8.aarch64.rpm SHA-256: 7e9ef69b3eddd611cd87f4d46f9dab5cfbafe8f3492358b00b544039358d4c18 rhc-debuginfo-0.2.7-5.el9_8.aarch64.rpm SHA-256: f37bc39b6796c7004d9b7fe13bdccb3ef341dda27d3ccf541ff4655664f8dc8d rhc-debugsource-0.2.7-5.el9_8.aarch64.rpm SHA-256: 2c92f2a4ea7c5335b46a2f3b095b01939313e37862770ae446ba4580e2204303 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 SRPM rhc-0.2.7-5.el9_8.src.rpm SHA-256: 933936f4700038881b748f982ef8b102792cbb51c1fb0925ecfb9be2fd18c0f8 aarch64 rhc-0.2.7-5.el9_8.aarch64.rpm SHA-256: 7e9ef69b3eddd611cd87f4d46f9dab5cfbafe8f3492358b00b544039358d4c18 rhc-debuginfo-0.2.7-5.el9_8.aarch64.rpm SHA-256: f37bc39b6796c7004d9b7fe13bdccb3ef341dda27d3ccf541ff4655664f8dc8d rhc-debugsource-0.2.7-5.el9_8.aarch64.rpm SHA-256: 2c92f2a4ea7c5335b46a2f3b095b01939313e37862770ae446ba4580e2204303 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 SRPM rhc-0.2.7-5.el9_8.src.rpm SHA-256: 933936f4700038881b748f982ef8b102792cbb51c1fb0925ecfb9be2fd18c0f8 ppc64le rhc-0.2.7-5.el9_8.ppc64le.rpm SHA-256: 4ca636e47d9d0c4d9273532d56c59570d89864df3be1c40791687a6892353add rhc-debuginfo-0.2.7-5.el9_8.ppc64le.rpm SHA-256: b2ddaf878022af58dbc32385d857facb3e7a16232e0b99a2cfe78d8ee85cc4df rhc-debugsource-0.2.7-5.el9_8.ppc64le.rpm SHA-256: e4392bf0e55c4a805b1d8ff7be86d6089d8a5604fed3e6dd13b5e7e9e5b9abd3 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 SRPM rhc-0.2.7-5.el9_8.src.rpm SHA-256: 933936f4700038881b748f982ef8b102792cbb51c1fb0925ecfb9be2fd18c0f8 x86_64 rhc-0.2.7-5.el9_8.x86_64.rpm SHA-256: 2fe68bf7ea7349bf706ba5d4ac1dd0d19b1f570e292f5b8aef8b97fc015abbd1 rhc-debuginfo-0.2.7-5.el9_8.x86_64.rpm SHA-256: e8219f1067a989cc58f3fdcb07df5111d6d40526adfe74c02b2cec316fee767d rhc-debugsource-0.2.7-5.el9_8.x86_64.rpm SHA-256: ed8ac830b6b9b522458ee1f98732936d963af6afedad136a71cf3eea53be895a Red Hat CodeReady Linux Builder for x86_64 9 SRPM x86_64 rhc-debuginfo-0.2.7-5.el9_8.x86_64.rpm SHA-256: e8219f1067a989cc58f3fdcb07df5111d6d40526adfe74c02b2cec316fee767d rhc-debugsource-0.2.7-5.el9_8.x86_64.rpm SHA-256: ed8ac830b6b9b522458ee1f98732936d963af6afedad136a71cf3eea53be895a rhc-devel-0.2.7-5.el9_8.x86_64.rpm SHA-256: 720816a3e96426d5d57fe616078b2dfe677db2f3c3134218dbe3ac01867c8c95 Red Hat CodeReady Linux Builder for Power, little endian 9 SRPM ppc64le rhc-debuginfo-0.2.7-5.el9_8.ppc64le.rpm SHA-256: b2ddaf878022af58dbc32385d857facb3e7a16232e0b99a2cfe78d8ee85cc4df rhc-debugsource-0.2.7-5.el9_8.ppc64le.rpm SHA-256: e4392bf0e55c4a805b1d8ff7be86d6089d8a5604fed3e6dd13b5e7e9e5b9abd3 rhc-devel-0.2.7-5.el9_8.ppc64le.rpm SHA-256: e40aff933090c7365e96abd3df5f3aa1856c30016b069a157d0eb5110c1b5fe3 Red Hat CodeReady Linux Builder for ARM 64 9 SRPM aarch64 rhc-debuginfo-0.2.7-5.el9_8.aarch64.rpm SHA-256: f37bc39b6796c7004d9b7fe13bdccb3ef341dda27d3ccf541ff4655664f8dc8d rhc-debugsource-0.2.7-5.el9_8.aarch64.rpm SHA-256: 2c92f2a4ea7c5335b46a2f3b095b01939313e37862770ae446ba4580e2204303 rhc-devel-0.2.7-5.el9_8.aarch64.rpm SHA-256: ff9a35edd6ac94d9db7706111303f2478e6baf1db5a931b258bcc783a8e0e858 Red Hat CodeReady Linux Builder for IBM z Systems 9 SRPM s390x rhc-debuginfo-0.2.7-5.el9_8.s390x.rpm SHA-256: