Security News

Cybersecurity news aggregator

🔄
HIGH Updates Red Hat Errata

RHSA-2026:20608: Important: containernetworking-plugins security update

rhelcvecve-2026-32283cve-2026-32280
This security update addresses two high-severity Denial of Service vulnerabilities (CVE-2026-32283 and CVE-2026-32280, CVSS 7.5) in the Go libraries used by the containernetworking-plugins package. The vulnerabilities, located in the crypto/tls and crypto/x509 packages, can be triggered via crafted TLS 1.3 key update messages and during certificate chain building, respectively. The underlying Go runtime is affected for versions prior to 1.25.9 and versions 1.26.0 through 1.26.1, with fixes provided in Go versions 1.25.9 and 1.26.2.
Read Full Article →

Red Hat Product Errata RHSA-2026:20608 - Security Advisory Issued: 2026-05-26 Updated: 2026-05-26 RHSA-2026:20608 - Security Advisory Overview Updated Packages Synopsis Important: containernetworking-plugins security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted. Security Fix(es): crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283) crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64 Red Hat Enterprise Linux Server - AUS 9.6 x86_64 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6 s390x Fixes BZ - 2456338 - CVE-2026-32283 crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages BZ - 2456339 - CVE-2026-32280 crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building CVEs CVE-2026-32280 CVE-2026-32283 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 SRPM containernetworking-plugins-1.6.2-3.el9_6.1.src.rpm SHA-256: 4a29931d4a8ab2ebe879bbb0a26bc0f84957406417d4533db0460b4c6872f84a x86_64 containernetworking-plugins-1.6.2-3.el9_6.1.x86_64.rpm SHA-256: b773bad40b2786f513e257f2e89ad264ecb87d5b06e5f883faa2a142c537bb1c containernetworking-plugins-debuginfo-1.6.2-3.el9_6.1.x86_64.rpm SHA-256: 0a79f8d9a4fc5e294cf2445bdc1b6ac03faffe1c4823b100daf15555c1a75be2 containernetworking-plugins-debugsource-1.6.2-3.el9_6.1.x86_64.rpm SHA-256: 0fdf995bddc7d94f94083be5f92ab31c5a2b86f3174d0c1972b8ac8092db331a Red Hat Enterprise Linux Server - AUS 9.6 SRPM containernetworking-plugins-1.6.2-3.el9_6.1.src.rpm SHA-256: 4a29931d4a8ab2ebe879bbb0a26bc0f84957406417d4533db0460b4c6872f84a x86_64 containernetworking-plugins-1.6.2-3.el9_6.1.x86_64.rpm SHA-256: b773bad40b2786f513e257f2e89ad264ecb87d5b06e5f883faa2a142c537bb1c containernetworking-plugins-debuginfo-1.6.2-3.el9_6.1.x86_64.rpm SHA-256: 0a79f8d9a4fc5e294cf2445bdc1b6ac03faffe1c4823b100daf15555c1a75be2 containernetworking-plugins-debugsource-1.6.2-3.el9_6.1.x86_64.rpm SHA-256: 0fdf995bddc7d94f94083be5f92ab31c5a2b86f3174d0c1972b8ac8092db331a Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 SRPM containernetworking-plugins-1.6.2-3.el9_6.1.src.rpm SHA-256: 4a29931d4a8ab2ebe879bbb0a26bc0f84957406417d4533db0460b4c6872f84a s390x containernetworking-plugins-1.6.2-3.el9_6.1.s390x.rpm SHA-256: 6a82fed1b366e9368a8eee72431760801e99d12f8d85a336d09370c173fd9fa8 containernetworking-plugins-debuginfo-1.6.2-3.el9_6.1.s390x.rpm SHA-256: bd76c708aa83ce8ab8c145dbed55150d53a4fc40fb8e30318a9fb6cc7d336696 containernetworking-plugins-debugsource-1.6.2-3.el9_6.1.s390x.rpm SHA-256: c49d6a6fdc5045eb9a769035dbaeb12f5cc8a0490ee8187d33e3b724adf3a98e Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 SRPM containernetworking-plugins-1.6.2-3.el9_6.1.src.rpm SHA-256: 4a29931d4a8ab2ebe879bbb0a26bc0f84957406417d4533db0460b4c6872f84a ppc64le containernetworking-plugins-1.6.2-3.el9_6.1.ppc64le.rpm SHA-256: c67d81d8913805fb467d2d2d130e4fb031cceafb92f4cb555617f7dfb7e2026f containernetworking-plugins-debuginfo-1.6.2-3.el9_6.1.ppc64le.rpm SHA-256: f00b9da800abe31ebd79b752695caf6403704b84c38ae680fc155e0aa692b7ba containernetworking-plugins-debugsource-1.6.2-3.el9_6.1.ppc64le.rpm SHA-256: a310ca18e295b6a1484f8d0b2439b70082b2907de5ef8ea2fa2a95ea253d6df5 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 SRPM containernetworking-plugins-1.6.2-3.el9_6.1.src.rpm SHA-256: 4a29931d4a8ab2ebe879bbb0a26bc0f84957406417d4533db0460b4c6872f84a aarch64 containernetworking-plugins-1.6.2-3.el9_6.1.aarch64.rpm SHA-256: 3eae303cddd943657b82c42a77ea0b0876b6297f41fa27c82a648002fe260fa9 containernetworking-plugins-debuginfo-1.6.2-3.el9_6.1.aarch64.rpm SHA-256: 1e40c3ea7354d41d8b1a75928ff4e810edf10e449e2761ce8361966478a499d6 containernetworking-plugins-debugsource-1.6.2-3.el9_6.1.aarch64.rpm SHA-256: a4a411fe4a5430efefc9e0095f3ed4762fde088b4f2a4350032ae1fae58f77c0 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 SRPM containernetworking-plugins-1.6.2-3.el9_6.1.src.rpm SHA-256: 4a29931d4a8ab2ebe879bbb0a26bc0f84957406417d4533db0460b4c6872f84a ppc64le containernetworking-plugins-1.6.2-3.el9_6.1.ppc64le.rpm SHA-256: c67d81d8913805fb467d2d2d130e4fb031cceafb92f4cb555617f7dfb7e2026f containernetworking-plugins-debuginfo-1.6.2-3.el9_6.1.ppc64le.rpm SHA-256: f00b9da800abe31ebd79b752695caf6403704b84c38ae680fc155e0aa692b7ba containernetworking-plugins-debugsource-1.6.2-3.el9_6.1.ppc64le.rpm SHA-256: a310ca18e295b6a1484f8d0b2439b70082b2907de5ef8ea2fa2a95ea253d6df5 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 SRPM containernetworking-plugins-1.6.2-3.el9_6.1.src.rpm SHA-256: 4a29931d4a8ab2ebe879bbb0a26bc0f84957406417d4533db0460b4c6872f84a x86_64 containernetworking-plugins-1.6.2-3.el9_6.1.x86_64.rpm SHA-256: b773bad40b2786f513e257f2e89ad264ecb87d5b06e5f883faa2a142c537bb1c containernetworking-plugins-debuginfo-1.6.2-3.el9_6.1.x86_64.rpm SHA-256: 0a79f8d9a4fc5e294cf2445bdc1b6ac03faffe1c4823b100daf15555c1a75be2 containernetworking-plugins-debugsource-1.6.2-3.el9_6.1.x86_64.rpm SHA-256: 0fdf995bddc7d94f94083be5f92ab31c5a2b86f3174d0c1972b8ac8092db331a Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 SRPM containernetworking-plugins-1.6.2-3.el9_6.1.src.rpm SHA-256: 4a29931d4a8ab2ebe879bbb0a26bc0f84957406417d4533db0460b4c6872f84a aarch64 containernetworking-plugins-1.6.2-3.el9_6.1.aarch64.rpm SHA-256: 3eae303cddd943657b82c42a77ea0b0876b6297f41fa27c82a648002fe260fa9 containernetworking-plugins-debuginfo-1.6.2-3.el9_6.1.aarch64.rpm SHA-256: 1e40c3ea7354d41d8b1a75928ff4e810edf10e449e2761ce8361966478a499d6 containernetworking-plugins-debugsource-1.6.2-3.el9_6.1.aarch64.rpm SHA-256: a4a411fe4a5430efefc9e0095f3ed4762fde088b4f2a4350032ae1fae58f77c0 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 SRPM containernetworking-plugins-1.6.2-3.el9_6.1.src.rpm SHA-256: 4a29931d4a8ab2ebe879bbb0a26bc0f84957406417d4533db0460b4c6872f84a s390x containernetworking-plugins-1.6.2-3.el9_6.1.s390x.rpm SHA-256: 6a82fed1b366e9368a8eee72431760801e99d12f8d85a336d09370c173fd9fa8 containernetworking-plugins-debuginfo-1.6.2-3.el9_6.1.s390x.rpm SHA-256: bd76c708aa83ce8ab8c145dbed55150d53a4fc40fb8e30318a9fb6cc7d336696 containernetworking-plugins-debugsource-1.6.2-3.el9_6.1.s390x.rpm SHA-256: c49d6a6fdc5045eb9a769035dbaeb12f5cc8a0490ee8187d33e3b724adf3a98e Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6 SRPM containernetworking-plugins-1.6.2-3.el9_6.1.src.rpm SHA-256: 4a29931d4a8ab2ebe879bbb0a26bc0f84957406417d4533db0460b4c6872f84a x86_64 containernetworking-plugins-1.6.2-3.el9_6.1.x86_64.rpm SHA-256: b773bad40b2786f513e257f2e89ad264ecb87d5b06e5f883faa2a142c537bb1c containernetworking-plugins-debuginfo-1.6.2-3.el9_6.1.x86_64.rpm SHA-256: 0a79f8d9a4fc5e294cf2445bdc1b6ac03faffe1c4823b100daf15555c1a75be2 containernetworking-plugins-debugsource-1.6.2-3.el9_6.1.x86_64.rpm SHA-256: 0fdf995bddc7d94f94083be5f92ab31c5a2b86f3174d0c1972b8ac8092db331a Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6 SRPM containernetworking-plugins-1.6.2-3.el9_6.1.src.rpm SHA-256: 4a29931d4a8ab2ebe879bbb0a26bc0f84957406417d4533db0460b4c6872f84a aarch64 containernetworking-plugins-1.6.2-3.el9_6.1.aarch64.rpm SHA-256: 3eae303cddd943657b82c42a77ea0b0876b6297f41fa27c82a648002fe260fa9 containernetworking-plugins-debuginfo-1.6.2-3.el9_6.1.aarch64.rpm SHA-256: 1e40c3ea7354d41d8b1a75928ff4e810edf10e449e2761ce8361966478a499d6 containernetworking-plugins-debugsource-1.6.2-3.el9_6.1.aarch64.rpm SHA-256: a4a411fe4a5430efefc9e0095f3ed4762fde088b4f2a4350032ae1fae58f77c0 Red Hat Enterprise Linux for Power, little

Related Articles

HIGH RHSA-2026:20607: Important: buildah security update Red Hat Errata INFO RHSA-2026:16024: Important: golang security update Red Hat Errata HIGH RHSA-2026:17084: Important: gvisor-tap-vsock security update Red Hat Errata HIGH RHSA-2026:17287: Important: podman security update Red Hat Errata
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn