Security News

Cybersecurity news aggregator

🔄
HIGH Updates Red Hat Errata

RHSA-2026:20556: Important: grafana security update

cve-2026-32282red-hatgrafanacve-2026-32283cve-2026-32280
This security update addresses three vulnerabilities in Grafana's underlying Go runtime: a medium-severity symlink escape via Root.Chmod (CVE-2026-32282, CVSS 6.4) and two high-severity denial-of-service flaws in TLS 1.3 key updates and certificate chain building (CVE-2026-32283 & CVE-2026-32280, both CVSS 7.5). The affected Go versions are prior to 1.25.9 and from 1.26.0 through 1.26.1, requiring an update to Go 1.25.9 or 1.26.2. The patched Grafana packages are now available for Red Hat Enterprise Linux 9.6 Extended Update Support.
Read Full Article →

Red Hat Product Errata RHSA-2026:20556 - Security Advisory Issued: 2026-05-26 Updated: 2026-05-26 RHSA-2026:20556 - Security Advisory Overview Updated Packages Synopsis Important: grafana security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for grafana is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es): golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282) crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283) crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64 Red Hat Enterprise Linux Server - AUS 9.6 x86_64 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6 s390x Fixes BZ - 2456336 - CVE-2026-32282 golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root BZ - 2456338 - CVE-2026-32283 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages BZ - 2456339 - CVE-2026-32280 crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building CVEs CVE-2026-32280 CVE-2026-32282 CVE-2026-32283 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 SRPM grafana-10.2.6-21.el9_6.src.rpm SHA-256: 8fc2fd1118aae7d36b6573032f9d34ce110dfa61c41491f68d81a85141d3c070 x86_64 grafana-10.2.6-21.el9_6.x86_64.rpm SHA-256: 356ee4bde648dd125599e2d593524d76c6b999a96c41b6d1b9f301d277c8f544 grafana-debuginfo-10.2.6-21.el9_6.x86_64.rpm SHA-256: 16dc1a15d1845cce44bf30d6ac2e77617eb678237156f4df4000df0f9a5a2937 grafana-debugsource-10.2.6-21.el9_6.x86_64.rpm SHA-256: de2b2614d7aa4894e338d217f049e3186d9baa57e164161b1f16d771ed9a762b grafana-selinux-10.2.6-21.el9_6.x86_64.rpm SHA-256: 4397dc0fbb47b8646ec7826c94e8f8590404920518f9d4bc15bfe4855a27b5ea Red Hat Enterprise Linux Server - AUS 9.6 SRPM grafana-10.2.6-21.el9_6.src.rpm SHA-256: 8fc2fd1118aae7d36b6573032f9d34ce110dfa61c41491f68d81a85141d3c070 x86_64 grafana-10.2.6-21.el9_6.x86_64.rpm SHA-256: 356ee4bde648dd125599e2d593524d76c6b999a96c41b6d1b9f301d277c8f544 grafana-debuginfo-10.2.6-21.el9_6.x86_64.rpm SHA-256: 16dc1a15d1845cce44bf30d6ac2e77617eb678237156f4df4000df0f9a5a2937 grafana-debugsource-10.2.6-21.el9_6.x86_64.rpm SHA-256: de2b2614d7aa4894e338d217f049e3186d9baa57e164161b1f16d771ed9a762b grafana-selinux-10.2.6-21.el9_6.x86_64.rpm SHA-256: 4397dc0fbb47b8646ec7826c94e8f8590404920518f9d4bc15bfe4855a27b5ea Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 SRPM grafana-10.2.6-21.el9_6.src.rpm SHA-256: 8fc2fd1118aae7d36b6573032f9d34ce110dfa61c41491f68d81a85141d3c070 s390x grafana-10.2.6-21.el9_6.s390x.rpm SHA-256: dc4ee1ca59855b372b6d6238f0321192e81122cf433f6c189da49b43c9c4f860 grafana-debuginfo-10.2.6-21.el9_6.s390x.rpm SHA-256: 3f04929ef85b5024895dd0bf5e4a4b640ef475bbfa3969079d4da6cd505ee133 grafana-debugsource-10.2.6-21.el9_6.s390x.rpm SHA-256: 8863b06f91234e37a1b9eb636986076dd032b4b36592fdf936ba5265004418d6 grafana-selinux-10.2.6-21.el9_6.s390x.rpm SHA-256: 38bcd40ba3750edf1184fd87ae8ae734772ed1be6581ad952018667f292e213e Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 SRPM grafana-10.2.6-21.el9_6.src.rpm SHA-256: 8fc2fd1118aae7d36b6573032f9d34ce110dfa61c41491f68d81a85141d3c070 ppc64le grafana-10.2.6-21.el9_6.ppc64le.rpm SHA-256: 5e065b2dc1247bf766e899817a4eff07add80f6fadd460a540807e559fcbba87 grafana-debuginfo-10.2.6-21.el9_6.ppc64le.rpm SHA-256: 7a83ab64bb10c9f8a7a46c0e73af08b6aa87794d45eabb583b5567654f1b57aa grafana-debugsource-10.2.6-21.el9_6.ppc64le.rpm SHA-256: f7263b5a926d76a0300457150d7833f08bfbcb06bc93d3eb113c01e1a588d9ff grafana-selinux-10.2.6-21.el9_6.ppc64le.rpm SHA-256: c42a17f9ab00ada306c986d7e4235b1b7d0e9e1baaa9c490595559ce3550670d Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 SRPM grafana-10.2.6-21.el9_6.src.rpm SHA-256: 8fc2fd1118aae7d36b6573032f9d34ce110dfa61c41491f68d81a85141d3c070 aarch64 grafana-10.2.6-21.el9_6.aarch64.rpm SHA-256: 4c1b8b894d6dae637f62ace7354d6389cdefaf28b78cce3d354c10ccd508c6ec grafana-debuginfo-10.2.6-21.el9_6.aarch64.rpm SHA-256: 08135fbc235e71bca3cac719c279783aa6e819f1530190d41956ec84ec024ec5 grafana-debugsource-10.2.6-21.el9_6.aarch64.rpm SHA-256: 7117a2bdec65e344fe7f6e2d668bedad069efc1264d6f56f2506d9bd1f6bc2bd grafana-selinux-10.2.6-21.el9_6.aarch64.rpm SHA-256: 1a09fa4b64a9d0e76170cd7385057f120b85b8c85680c8e863c544bf5c03cd75 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 SRPM grafana-10.2.6-21.el9_6.src.rpm SHA-256: 8fc2fd1118aae7d36b6573032f9d34ce110dfa61c41491f68d81a85141d3c070 ppc64le grafana-10.2.6-21.el9_6.ppc64le.rpm SHA-256: 5e065b2dc1247bf766e899817a4eff07add80f6fadd460a540807e559fcbba87 grafana-debuginfo-10.2.6-21.el9_6.ppc64le.rpm SHA-256: 7a83ab64bb10c9f8a7a46c0e73af08b6aa87794d45eabb583b5567654f1b57aa grafana-debugsource-10.2.6-21.el9_6.ppc64le.rpm SHA-256: f7263b5a926d76a0300457150d7833f08bfbcb06bc93d3eb113c01e1a588d9ff grafana-selinux-10.2.6-21.el9_6.ppc64le.rpm SHA-256: c42a17f9ab00ada306c986d7e4235b1b7d0e9e1baaa9c490595559ce3550670d Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 SRPM grafana-10.2.6-21.el9_6.src.rpm SHA-256: 8fc2fd1118aae7d36b6573032f9d34ce110dfa61c41491f68d81a85141d3c070 x86_64 grafana-10.2.6-21.el9_6.x86_64.rpm SHA-256: 356ee4bde648dd125599e2d593524d76c6b999a96c41b6d1b9f301d277c8f544 grafana-debuginfo-10.2.6-21.el9_6.x86_64.rpm SHA-256: 16dc1a15d1845cce44bf30d6ac2e77617eb678237156f4df4000df0f9a5a2937 grafana-debugsource-10.2.6-21.el9_6.x86_64.rpm SHA-256: de2b2614d7aa4894e338d217f049e3186d9baa57e164161b1f16d771ed9a762b grafana-selinux-10.2.6-21.el9_6.x86_64.rpm SHA-256: 4397dc0fbb47b8646ec7826c94e8f8590404920518f9d4bc15bfe4855a27b5ea Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 SRPM grafana-10.2.6-21.el9_6.src.rpm SHA-256: 8fc2fd1118aae7d36b6573032f9d34ce110dfa61c41491f68d81a85141d3c070 aarch64 grafana-10.2.6-21.el9_6.aarch64.rpm SHA-256: 4c1b8b894d6dae637f62ace7354d6389cdefaf28b78cce3d354c10ccd508c6ec grafana-debuginfo-10.2.6-21.el9_6.aarch64.rpm SHA-256: 08135fbc235e71bca3cac719c279783aa6e819f1530190d41956ec84ec024ec5 grafana-debugsource-10.2.6-21.el9_6.aarch64.rpm SHA-256: 7117a2bdec65e344fe7f6e2d668bedad069efc1264d6f56f2506d9bd1f6bc2bd grafana-selinux-10.2.6-21.el9_6.aarch64.rpm SHA-256: 1a09fa4b64a9d0e76170cd7385057f120b85b8c85680c8e863c544bf5c03cd75 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 SRPM grafana-10.2.6-21.el9_6.src.rpm SHA-256: 8fc2fd1118aae7d36b6573032f9d34ce110dfa61c41491f68d81a85141d3c070 s390x grafana-10.2.6-21.el9_6.s390x.rpm SHA-256: dc4ee1ca59855b372b6d6238f0321192e81122cf433f6c189da49b43c9c4f860 grafana-debuginfo-10.2.6-21.el9_6.s390x.rpm SHA-256: 3f04929ef85b5024895dd0bf5e4a4b640ef475bbfa3969079d4da6cd505ee133 grafana-debugsource-10.2.6-21.el9_6.s390x.rpm SHA-256: 8863b06f91234e37a1b9eb636986076dd032b4b36592fdf936ba5265004418d6 grafana-selinux-10.2.6-21.el9_6.s390x.rpm SHA-256: 38bcd40ba3750edf1184fd87ae8ae734772ed1be6581ad952018667f292e213e Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6 SRPM grafana-10.2.6-21.el9_6.src.rpm SHA-256: 8fc2fd1118aae7d36b6573032f9d34ce110dfa61c41491f68d81a85141d3c070 x86_64 grafana-10.2.6-21.el9_6.x86_64.rpm SHA-256: 356ee4bde648dd125599e2d593524d76c6b999a96c41b6d1b9f301d277c8f544 grafana-debuginfo-10.2.6-21.el9_6.x86_64.rpm SHA-256: 16dc1a15d1845cce44bf30d6ac2e77617eb678237156f4df4000df0f9a5a2937 grafana-debugsource-10.2.6-21.el9_6.x86_64.rpm SHA-256: de2b2614d7aa4894e338d217f049e3186d9baa57e164161b1f16d771ed9a762b grafana-selinux-10.2.6-21.el9_6.x86_64.rpm SHA-256: 4397dc0fbb47b8646ec7826c94e8f8590404920518f9d4bc15bfe4855a27b5ea Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6 SRPM grafana-10.2.6-21.el9_6.src.rpm SHA-256: 8fc2fd1118aae7d36b6573032f9d34ce110dfa61c41491f68d81a85141d3c070 aarch64 grafana-10.2.6-21.el9_6.aarch64.rpm SHA-256: 4c1b8b894d6dae637f62ace7354d6389cdefaf28b78cce3d354c10ccd508c6ec grafana-debuginfo-10.2.6-21.el9_6.aarch64.

Related Articles

INFO RHSA-2026:15980: Important: rhc security update Red Hat Errata HIGH RHSA-2026:16875: Important: git-lfs security update Red Hat Errata HIGH RHSA-2026:19135: Important: opentelemetry-collector security update Red Hat Errata HIGH RHSA-2026:19350: Important: git-lfs security update Red Hat Errata
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn