Red Hat Product Errata RHSA-2026:19200 - Security Advisory Issued: 2026-05-19 Updated: 2026-05-19 RHSA-2026:19200 - Security Advisory Overview Updated Packages Synopsis Moderate: corosync security update Type/Severity Security Advisory: Moderate Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for corosync is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software. Security Fix(es): corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet (CVE-2026-35091) corosync: Corosync: Denial of Service via integer overflow in join message validation (CVE-2026-35092) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 9 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 x86_64 Red Hat Enterprise Linux for IBM z Systems 9 s390x Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 s390x Red Hat Enterprise Linux for Power, little endian 9 ppc64le Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 ppc64le Red Hat Enterprise Linux High Availability for x86_64 9 x86_64 Red Hat Enterprise Linux High Availability for ARM 64 9 aarch64 Red Hat Enterprise Linux for ARM 64 9 aarch64 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 aarch64 Red Hat Enterprise Linux High Availability for x86_64 - Extended Update Support 9.8 x86_64 Red Hat Enterprise Linux Resilient Storage for x86_64 9 x86_64 Red Hat Enterprise Linux Resilient Storage for x86_64 - Extended Update Support 9.8 x86_64 Red Hat Enterprise Linux Resilient Storage for IBM z Systems 9 s390x Red Hat Enterprise Linux High Availability for IBM z Systems 9 s390x Red Hat Enterprise Linux Resilient Storage for Power, little endian 9 ppc64le Red Hat Enterprise Linux Resilient Storage for Power, little endian - Extended Update Support 9.8 ppc64le Red Hat Enterprise Linux High Availability for Power, little endian 9 ppc64le Red Hat Enterprise Linux High Availability for Power, little endian - Extended Update Support 9.8 ppc64le Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 ppc64le Red Hat Enterprise Linux High Availability for Power LE - Update Services for SAP Solutions 9.8 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 x86_64 Red Hat Enterprise Linux High Availability for x86_64 - Update Services for SAP Solutions 9.8 x86_64 Red Hat CodeReady Linux Builder for x86_64 9 x86_64 Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le Red Hat CodeReady Linux Builder for ARM 64 9 aarch64 Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x Red Hat Enterprise Linux High Availability (for IBM z Systems) - Extended Update Support 9.8 s390x Red Hat Enterprise Linux High Availability (for ARM 64) - Extended Update Support 9.8 aarch64 Red Hat Enterprise Linux Resilient Storage for IBM z Systems - Extended Update Support 9.8 s390x Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.8 x86_64 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.8 ppc64le Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.8 s390x Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.8 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.8 s390x Red Hat Enterprise Linux High Availability for ARM 64 - 4 years of updates 9.8 aarch64 Red Hat Enterprise Linux High Availability for IBM z Systems - 4 years of updates 9.8 s390x Red Hat Enterprise Linux Resilient Storage for x86_64 - 4 years of updates 9.8 x86_64 Red Hat Enterprise Linux Resilient Storage for Power, little endian - 4 years of updates 9.8 ppc64le Red Hat Enterprise Linux Resilient Storage for IBM z Systems - 4 years of updates 9.8 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.8 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.8 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.8 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.8 s390x Red Hat Enterprise Linux High Availability for ARM 64 - Extended Life Cycle 9.8 aarch64 Red Hat Enterprise Linux High Availability for Power, little endian - Extended Life Cycle 9.8 ppc64le Red Hat Enterprise Linux High Availability for IBM z Systems - Extended Life Cycle 9.8 s390x Red Hat Enterprise Linux High Availability for x86_64 - Extended Life Cycle 9.8 x86_64 Red Hat Enterprise Linux Resilient Storage for Power, little endian - Extended Life Cycle 9.8 ppc64le Red Hat Enterprise Linux Resilient Storage for IBM z Systems - Extended Life Cycle 9.8 s390x Red Hat Enterprise Linux Resilient Storage for x86_64 - Extended Life Cycle 9.8 x86_64 Fixes BZ - 2453813 - CVE-2026-35091 corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet BZ - 2453814 - CVE-2026-35092 corosync: Corosync: Denial of Service via integer overflow in join message validation CVEs CVE-2026-35091 CVE-2026-35092 References https://access.redhat.com/security/updates/classification/#moderate Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 9 SRPM corosync-3.1.10-1.el9_8.1.src.rpm SHA-256: 0943ce9b0f7ad7f3375be5ba8b5e492a43faccdeb1bee56dbeb058a6be28f9a7 x86_64 corosync-debuginfo-3.1.10-1.el9_8.1.i686.rpm SHA-256: 9071ee74298801c2da296ca462a74e04f8218534c0913da7b1f6667b3c92ca54 corosync-debuginfo-3.1.10-1.el9_8.1.x86_64.rpm SHA-256: 8a45e44f6b9ef7a94f95060b5574a913d25188fc50b50bf17f0b04f4f9af1d66 corosync-debugsource-3.1.10-1.el9_8.1.i686.rpm SHA-256: 90619909005139a0f22bddf6c2c18af0e292c0c039c0b7e9180db6cf701e0717 corosync-debugsource-3.1.10-1.el9_8.1.x86_64.rpm SHA-256: 9439c57befa59d7d2642237a33af0481c33762a1fce235a62a31661d532af344 corosync-vqsim-debuginfo-3.1.10-1.el9_8.1.i686.rpm SHA-256: 912e2c1610e9a8d1dd476ffaca646ee1558167f192d05df349febdcebc21081c corosync-vqsim-debuginfo-3.1.10-1.el9_8.1.x86_64.rpm SHA-256: 7f98b37ac4b88e3a4aacbf471af86dae3eca11f713cb50e042cabe0ddb599644 corosynclib-3.1.10-1.el9_8.1.i686.rpm SHA-256: 2be14d3bad93cd1235179e524e581e588df112e9f8eb343a7a31a4a69b5e7f51 corosynclib-3.1.10-1.el9_8.1.x86_64.rpm SHA-256: 71797a2c1410df0507da09346e12459b0446a4d52935f783eab321794ef71deb corosynclib-debuginfo-3.1.10-1.el9_8.1.i686.rpm SHA-256: ee44e3c073c306f99ed8430a20948ee89b9ae648731c5b76bd135b216a699ea3 corosynclib-debuginfo-3.1.10-1.el9_8.1.x86_64.rpm SHA-256: d3a660e57d98fd70876a644e5778503207c6d6bd068423bc7933d2f394d3a87c Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 SRPM corosync-3.1.10-1.el9_8.1.src.rpm SHA-256: 0943ce9b0f7ad7f3375be5ba8b5e492a43faccdeb1bee56dbeb058a6be28f9a7 x86_64 corosync-debuginfo-3.1.10-1.el9_8.1.i686.rpm SHA-256: 9071ee74298801c2da296ca462a74e04f8218534c0913da7b1f6667b3c92ca54 corosync-debuginfo-3.1.10-1.el9_8.1.x86_64.rpm SHA-256: 8a45e44f6b9ef7a94f95060b5574a913d25188fc50b50bf17f0b04f4f9af1d66 corosync-debugsource-3.1.10-1.el9_8.1.i686.rpm SHA-256: 90619909005139a0f22bddf6c2c18af0e292c0c039c0b7e9180db6cf701e0717 corosync-debugsource-3.1.10-1.el9_8.1.x86_64.rpm SHA-256: 9439c57befa59d7d2642237a33af0481c33762a1fce235a62a31661d532af344 corosync-vqsim-debuginfo-3.1.10-1.el9_8.1.i686.rpm SHA-256: 912e2c1610e9a8d1dd476ffaca646ee1558167f192d05df349febdcebc21081c corosync-vqsim-debuginfo-3.1.10-1.el9_8.1.x86_64.rpm SHA-256: 7f98b37ac4b88e3a4aacbf471af86dae3eca11f713cb50e042cabe0ddb599644 corosynclib-3.1.10-1.el9_8.1.i686.rpm SHA-256: 2be14d3bad93cd1235179e524e581e588df112e9f8eb343a7a31a4a69b5e7f51 corosynclib-3.1.10-1.el9_8.1.x86_64.rpm SHA-256: 71797a2c1410df0507da09346e12459b0446a4d52935f783eab321794ef71deb corosynclib-debuginfo-3.1.10-1.el9_8.1.i686.rpm SHA-256: ee44e3c073c306f99ed8430a20948ee89b9ae648731c5b76bd135b216a699ea3 corosynclib-debuginfo-3.1.10-1.el9_8.1.x86_64.rpm SHA-256: d3a660e57d98fd70876a644e5778503207c6d6bd068423bc7933d2f394d3a87c Red Hat Enterprise Linux for IBM z Systems 9 SRPM corosync-3.1.10-1.el9_8.1.src.rpm SHA-256: 0943ce9b0f7ad7f3375be5ba8b5e492a43faccdeb1bee56dbeb058a6be28f9a7 s390x corosync-debuginfo-3.1.10-1.el9_8.1.s390x.rpm SHA-256: d0490309035193f5a1fc1444b07a476125e9d2e948afb46572e2fa0755560c75 corosync-debugsource-3.1.10-1.el9_8.1.s390x.rpm SHA-256: f27a4ec23166dcc42b51cf6d1970118a63a16943efab97d82953760470bb891c corosync-vqsim-debuginfo-3.1.10-1.el9_8.1.s390x.rpm SHA-256: d177f110c63127a5865dabda720d6bdf4048b2c5c2ad29962543e0de263c2074 corosynclib-3.1.10-1.el9_8.1.s390x.rpm SHA-256: 9173959f13aff60a4f0504dbd96db3ad9dc94486e92dd20d3a2d0198dc72b874 corosynclib-debuginfo-3.1.10-1.el9_8.1.s390x.rpm SHA-256: 3a413c8c9c7f349124a6748a6026e9e768b6f5164181ac3bf389eeae0dfd8d9f Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 SRPM corosync-3.1.10-1.el9_8.1.src.rpm SHA-256: 0943ce9b0f7ad7f3375be5ba8b5e492a43faccdeb1bee56dbeb058a6be28f9a7 s390x corosync-debuginfo-3.1.10-1.el9_8.1.s390x.rpm SHA-256: d0490309035193f5a1fc1444b07a476125e9d2e948afb46572e2fa0755560c75 corosync-debugsource-3.1.10-1.el9_8.1.s390x.rpm SHA-256: f27a4ec23166dcc42b51cf6d1970118a63a