Red Hat Product Errata RHSA-2026:20587 - Security Advisory Issued: 2026-05-26 Updated: 2026-05-26 RHSA-2026:20587 - Security Advisory Overview Updated Packages Synopsis Moderate: glibc security update Type/Severity Security Advisory: Moderate Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for glibc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): glibc: glibc: Denial of Service via iconv() function with specific character sets (CVE-2026-4046) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 8 x86_64 Red Hat Enterprise Linux for IBM z Systems 8 s390x Red Hat Enterprise Linux for Power, little endian 8 ppc64le Red Hat Enterprise Linux for ARM 64 8 aarch64 Red Hat CodeReady Linux Builder for x86_64 8 x86_64 Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le Red Hat CodeReady Linux Builder for ARM 64 8 aarch64 Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 8.10 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 8.10 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 8.10 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 8.10 s390x Fixes BZ - 2453117 - CVE-2026-4046 glibc: glibc: Denial of Service via iconv() function with specific character sets RHEL-173358 - CVE-2026-4437 and CVE-2026-4438: glibc Backport tests to RHEL-8.10.z CVEs CVE-2026-4046 References https://access.redhat.com/security/updates/classification/#moderate Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 8 SRPM glibc-2.28-251.el8_10.37.src.rpm SHA-256: 9b72928f64fb991a8ab27a173110fc243c9565cd0b266228ba7d130b0cf7805b x86_64 compat-libpthread-nonshared-2.28-251.el8_10.37.x86_64.rpm SHA-256: b1c29cf4cb66955bd19736c7a53a27ed915c7cc427ebfc697f637aef303fc227 glibc-2.28-251.el8_10.37.i686.rpm SHA-256: 3c01764062b667ca39f2714b6a16f7588fe125ea4b33e82d4822ec2dea2b608f glibc-2.28-251.el8_10.37.x86_64.rpm SHA-256: aa0b054802b4839b7ab6b1fbd42e3523e2cc717069ecf12b17e6bb620c8f918c glibc-all-langpacks-2.28-251.el8_10.37.x86_64.rpm SHA-256: 60f029d2e72d2e6614d2636a741eece48bd65dc127217204cdba7d735c865f3b glibc-all-langpacks-debuginfo-2.28-251.el8_10.37.i686.rpm SHA-256: 852d8a126c32a4690c50e5f78de3f1635e008c567e8924f82bc870bdf644e293 glibc-all-langpacks-debuginfo-2.28-251.el8_10.37.x86_64.rpm SHA-256: dc91d8996760a50e914421f75f2b46ca955de27fd43c2f2afe5e949b34c53fa6 glibc-all-langpacks-debuginfo-2.28-251.el8_10.37.x86_64.rpm SHA-256: dc91d8996760a50e914421f75f2b46ca955de27fd43c2f2afe5e949b34c53fa6 glibc-benchtests-debuginfo-2.28-251.el8_10.37.i686.rpm SHA-256: 2cbf9454801c4b2e4a2880eb7f383d296d57c3ca673e7bb38acee207dd8ac6ee glibc-benchtests-debuginfo-2.28-251.el8_10.37.x86_64.rpm SHA-256: 4f4a241068fcd1f29ee962c28e4be10ad70f1d59f8b285ba15af613904f0fe12 glibc-benchtests-debuginfo-2.28-251.el8_10.37.x86_64.rpm SHA-256: 4f4a241068fcd1f29ee962c28e4be10ad70f1d59f8b285ba15af613904f0fe12 glibc-common-2.28-251.el8_10.37.x86_64.rpm SHA-256: 8a6f9956304185025130b6d3ec684f97227eef50faad2deeb276c670aa0e92e1 glibc-common-debuginfo-2.28-251.el8_10.37.i686.rpm SHA-256: 6358b651028e8fc5c0e92d8fca0aa96cd1745acd2083b9c106f4db9add9e9bb5 glibc-common-debuginfo-2.28-251.el8_10.37.x86_64.rpm SHA-256: ccc1ac6b48d66011aa137f79b2b1778ae4cc2f804acd949b96d78635c1f92921 glibc-common-debuginfo-2.28-251.el8_10.37.x86_64.rpm SHA-256: ccc1ac6b48d66011aa137f79b2b1778ae4cc2f804acd949b96d78635c1f92921 glibc-debuginfo-2.28-251.el8_10.37.i686.rpm SHA-256: d23f5d4c92a67a01ef4f570dc33bb48c78415642e1cf855c35a0c20b4d2a6598 glibc-debuginfo-2.28-251.el8_10.37.x86_64.rpm SHA-256: 7d923394bc365914985a3d868350003c2d754b94c1c55cb5febcfa1085154870 glibc-debuginfo-2.28-251.el8_10.37.x86_64.rpm SHA-256: 7d923394bc365914985a3d868350003c2d754b94c1c55cb5febcfa1085154870 glibc-debugsource-2.28-251.el8_10.37.i686.rpm SHA-256: 1a21a9f9b0affedb32230ccda49c88eb71e59693dc9c18ea8d5abd1971ce6c8e glibc-debugsource-2.28-251.el8_10.37.x86_64.rpm SHA-256: cff5e21cba5fc1f89b851a17b842da528512319c6761a9be979947904344b3c0 glibc-debugsource-2.28-251.el8_10.37.x86_64.rpm SHA-256: cff5e21cba5fc1f89b851a17b842da528512319c6761a9be979947904344b3c0 glibc-devel-2.28-251.el8_10.37.i686.rpm SHA-256: 30880acabf95527d0bf410fda1cd4a551230ac875c78e147f900ae1c94dc44d8 glibc-devel-2.28-251.el8_10.37.x86_64.rpm SHA-256: 048073a2f3a9a29e73d425a91d119044eed7016b4df88cc783335e09f821d7fd glibc-doc-2.28-251.el8_10.37.noarch.rpm SHA-256: 2be113a3c01b80d956d3bcee447caa5ff948f1fe8d05812dd86d60c4c1780567 glibc-gconv-extra-2.28-251.el8_10.37.i686.rpm SHA-256: c54bc37302bedb48af58e57ff9f1786601230f611cd82018713401b9d35f6a7c glibc-gconv-extra-2.28-251.el8_10.37.x86_64.rpm SHA-256: b452a1e9f71d9fecf49214fb6dad45099f126056ee5ed0987e76ebd0284724b4 glibc-gconv-extra-debuginfo-2.28-251.el8_10.37.i686.rpm SHA-256: b4f0f155d1b4aa7e2b69cb4d2e25a27bf9a70364e80d7d699985a1ca23edf5c3 glibc-gconv-extra-debuginfo-2.28-251.el8_10.37.x86_64.rpm SHA-256: df69dc70f33cffdecb6550648ce133b5faae94138ab0f17d3f298066dc57bf29 glibc-gconv-extra-debuginfo-2.28-251.el8_10.37.x86_64.rpm SHA-256: df69dc70f33cffdecb6550648ce133b5faae94138ab0f17d3f298066dc57bf29 glibc-headers-2.28-251.el8_10.37.i686.rpm SHA-256: a42460e706ed27b3b1a0a78dfe69b133c2247f693fe981674d03c405ff2ab9a1 glibc-headers-2.28-251.el8_10.37.x86_64.rpm SHA-256: 7a779bd16f6944fd13af87efe5a42e188cd3d4e40d7e088edd219cd0cea24c2f glibc-langpack-aa-2.28-251.el8_10.37.x86_64.rpm SHA-256: dec0527681cc81997f2e1358b1e39b50b613f83e3aac94a4f33daac42d2da5d2 glibc-langpack-af-2.28-251.el8_10.37.x86_64.rpm SHA-256: 62d24b521c6f726fd1126038a0f606912b330f3e76741ad1ca2a1192d7b9762e glibc-langpack-agr-2.28-251.el8_10.37.x86_64.rpm SHA-256: b0dc209a442e88186207bb2a5bbf2b0e3a8a87953d00bbc319a98c62bc15634e glibc-langpack-ak-2.28-251.el8_10.37.x86_64.rpm SHA-256: 2ec0ac72576da699523798cea7ec65d3ad477a25b30b190e6bad16754a7953ff glibc-langpack-am-2.28-251.el8_10.37.x86_64.rpm SHA-256: 7f149a83433bbc0e86174c98ecaa1fb34c4fad8436b01638460067adea1c5574 glibc-langpack-an-2.28-251.el8_10.37.x86_64.rpm SHA-256: c93d4e611db2ca887304be1ba5bb13f9ae67f49079cea859fc5d2bcbb3feb83e glibc-langpack-anp-2.28-251.el8_10.37.x86_64.rpm SHA-256: c4a9199e641f13290bb93ae847115dfc39c19e64e274c196ccab36ebc7faa517 glibc-langpack-ar-2.28-251.el8_10.37.x86_64.rpm SHA-256: e298982ce980ba93e9ab19b756bd0edcb3fab03c6258059dc9f2cd04e7ad7796 glibc-langpack-as-2.28-251.el8_10.37.x86_64.rpm SHA-256: 0e2e6b4a1cc6a9db2a9239671d13526520e2ed059e9c61454b64b2d072763ca8 glibc-langpack-ast-2.28-251.el8_10.37.x86_64.rpm SHA-256: 0af736e916c50918c19ee80c4ded47f28104422eedc35b0748d9a714341b0c75 glibc-langpack-ayc-2.28-251.el8_10.37.x86_64.rpm SHA-256: 7427399afd01f2617b671c389f40b7aa8755466e637ce81a0eb3dd67049ec433 glibc-langpack-az-2.28-251.el8_10.37.x86_64.rpm SHA-256: 2918d1d5a13aae429baca60b7fa8e5b360cf7a4e5bfcdb706b8806357bd6abf6 glibc-langpack-be-2.28-251.el8_10.37.x86_64.rpm SHA-256: 86e665087e02b7591b3072778e0eb43b270f331c9cc31e6172b06c87824b3fba glibc-langpack-bem-2.28-251.el8_10.37.x86_64.rpm SHA-256: b20be4e168e78e7520d2343a72238925427d72210aee27e62d23f1347033ad89 glibc-langpack-ber-2.28-251.el8_10.37.x86_64.rpm SHA-256: 6d806261ac84860f4a5fa74e0d34d1998eb0ae70f998471145ead4619aa22695 glibc-langpack-bg-2.28-251.el8_10.37.x86_64.rpm SHA-256: 5bf865ae2f3c2cc8081ebb08755797c6228d5e7bcfdc77f310d9854a70f9b73b glibc-langpack-bhb-2.28-251.el8_10.37.x86_64.rpm SHA-256: 9a3020b54eb806110c134f51fd47a74ee72bac71170307bf05dc59d3dbdba124 glibc-langpack-bho-2.28-251.el8_10.37.x86_64.rpm SHA-256: 20871697f723e5cc6c014fcf95731f5baf1f564d21679f1404159d6c256a97d8 glibc-langpack-bi-2.28-251.el8_10.37.x86_64.rpm SHA-256: fd5e1e19fae08958635c3ff07b6cc4f9aa49b1779bad8d2608a751bb08188f25 glibc-langpack-bn-2.28-251.el8_10.37.x86_64.rpm SHA-256: d6105cbf8b5a24fd063014bf77dc1a043233b3e00a1f89149f913fc93fc83923 glibc-langpack-bo-2.28-251.el8_10.37.x86_64.rpm SHA-256: 4eb3301ebcf8189f0346b30ee33d1d26744e18f041249d9d4c6157561b77c092 glibc-langpack-br-2.28-251.el8_10.37.x86_64.rpm SHA-256: 80880ece6273495ca9494f96588b53974bb35e5924ea030f639534308382030c glibc-langpack-brx-2.28-251.el8_10.37.x86_64.rpm SHA-256: a44e4f906ec96f318af3b9cfda15096812d2e5a7709f3207a3f70c60773f0ebd glibc-langpack-bs-2.28-251.el8_10.37.x86_64.rpm SHA-256: d42c5a412221aafb7adcdc5c6d4ceaa2624b1b04fe3f9a1e6ff76364c599b38f glibc-langpack-byn-2.28-251.el8_10.37.x86_64.rpm SHA-256: 37fab80651f40b4e928ec62d84445dd7436dd09712ac7ec015fa5f9cb29a8c14 glibc-langpack-ca-2.28-251.el8_10.37.x86_64.rpm SHA-256: c758f25c9954c6211efeec798576b29f98a012a9d068fb9cfefd368be7227ec0 glibc-langpack-ce-2.28-251.el8_10.37.x86_64.rpm SHA-256: a6a5fd798b1b132fa69ef6bd0b6daa383e4b1bcf6b990c235c810485db09e0cd glibc-langpack-chr-2.28-251.el8_10.37.x86_64.rpm SHA-256: adfe9bac6e3ebed9194dd5025e7b5ae5715c8b2592560277a0ddd0bed9336f65 glibc-langpack-cmn-2.28-251.el8_10.37.x86_64.rpm SHA-256: 222b1c31fa2ae6ab246bcca94e9805c871b6039c428bb522b3a4ccc