Red Hat Security Advisory: A Subscription Management tool for finding and reporting Red Hat product usage
🔗 CVE IDs covered (53)
📋 Description
CVE-2024-12086 — rsync: rsync server leaks arbitrary client files
CVE-2025-14087 — glib: GLib: Buffer underflow in GVariant parser leads to heap corruption
CVE-2025-14512 — glib: Integer Overflow in GLib GIO Attribute Escaping Causes Heap Buffer Overflow
CVE-2026-3832 — gnutls: gnutls: Security bypass allows acceptance of revoked server certificates via crafted OCSP response
CVE-2026-3833 — gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison
CVE-2026-4046 — glibc: glibc: Denial of Service via iconv() function with specific character sets
CVE-2026-4437 — glibc: glibc: Incorrect DNS response parsing via crafted DNS server response
CVE-2026-4438 — glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions
CVE-2026-4878 — libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file()
CVE-2026-5260 — gnutls: gnutls: Information disclosure via heap overread in RSA key exchange
CVE-2026-5419 — gnutls: gnutls: Information disclosure via timing side-channel in PKCS#7 padding removal
CVE-2026-6322 — fast-uri: fast-uri: URI authority bypass due to improper delimiter handling
CVE-2026-7383 — openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing
CVE-2026-9076 — openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption
CVE-2026-9277 — shell-quote: shell-quote: Arbitrary code execution via command injection due to unescaped line terminators
CVE-2026-28390 — openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing
CVE-2026-29518 — rsync: TOCTOU symlink race condition allowing local privilege escalation in daemon mode without chroot.
CVE-2026-33845 — gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment
CVE-2026-33846 — gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly
CVE-2026-34180 — openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.
CVE-2026-34181 — openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys
CVE-2026-34182 — openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages
CVE-2026-34183 — openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler
CVE-2026-40355 — krb5: MIT Kerberos 5: Denial of Service via NULL pointer dereference in NegoEx mechanism
CVE-2026-40356 — krb5: MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read
CVE-2026-41035 — rsync: Rsync: Use-after-free vulnerability in extended attribute handling
CVE-2026-42009 — gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability
CVE-2026-42010 — gnutls: gnutls: Authentication Bypass via NUL Character in Username
CVE-2026-42011 — gnutls: gnutls: Security bypass due to incorrect name constraint handling
CVE-2026-42012 — gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs
CVE-2026-42013 — gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name
CVE-2026-42014 — gnutls: gnutls: Use-after-free in gnutls_pkcs11_token_set_pin
CVE-2026-42015 — gnutls: gnutls: Memory corruption due to off-by-one error in PKCS#12 bag handling
CVE-2026-42764 — openssl: NULL pointer dereference in QUIC server initial packet handling
CVE-2026-42766 — openssl: Possible NULL Dereference in Password-Based CMS Decryption
CVE-2026-42767 — openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption
CVE-2026-42768 — openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()
CVE-2026-42769 — openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate
CVE-2026-42770 — openssl: FFC-DH Peer Validation Uses Attacker-Supplied q
CVE-2026-43618 — rsync: rsync: Remote memory disclosure via integer overflow in compressed-token decoding
CVE-2026-44486 — axios: Axios: Information disclosure of proxy credentials via HTTP redirects
CVE-2026-44487 — axios: Axios: Information disclosure of proxy credentials via redirect flows
CVE-2026-44488 — axios: Axios: Denial of Service due to unenforced request and response size limits
CVE-2026-44492 — axios: Axios: Proxy bypass via IPv4-mapped IPv6 address non-normalization
CVE-2026-44494 — axios: Axios: Man-in-the-Middle (MITM) attack via Prototype Pollution
CVE-2026-44495 — axios: Axios: Information disclosure due to prototype pollution vulnerability
CVE-2026-44496 — axios: Axios: Client-side Denial of Service via unescaped regex metacharacters in XSRF cookie name
CVE-2026-45186 — libexpat: denial of service via crafted XML input
CVE-2026-45445 — openssl: AES-OCB IV Ignored on EVP_Cipher() Path
CVE-2026-45446 — openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes
CVE-2026-45447 — openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()
CVE-2026-45736 — ws: ws: Uninitialized memory disclosure via websocket.close() with TypedArray
CVE-2026-48779 — ws: ws: Denial of Service via memory exhaustion from small WebSocket fragments
🔗 References (57)
- selfhttps://access.redhat.com/errata/RHSA-2026:29197
- externalhttps://access.redhat.com/security/cve/CVE-2024-12086
- externalhttps://access.redhat.com/security/cve/CVE-2025-14087
- externalhttps://access.redhat.com/security/cve/CVE-2025-14512
- externalhttps://access.redhat.com/security/cve/CVE-2026-28390
- externalhttps://access.redhat.com/security/cve/CVE-2026-29518
- externalhttps://access.redhat.com/security/cve/CVE-2026-33845
- externalhttps://access.redhat.com/security/cve/CVE-2026-33846
- externalhttps://access.redhat.com/security/cve/CVE-2026-34180
- externalhttps://access.redhat.com/security/cve/CVE-2026-34181
- externalhttps://access.redhat.com/security/cve/CVE-2026-34182
- externalhttps://access.redhat.com/security/cve/CVE-2026-34183
- externalhttps://access.redhat.com/security/cve/CVE-2026-3832
- externalhttps://access.redhat.com/security/cve/CVE-2026-3833
- externalhttps://access.redhat.com/security/cve/CVE-2026-40355
- externalhttps://access.redhat.com/security/cve/CVE-2026-40356
- externalhttps://access.redhat.com/security/cve/CVE-2026-4046
- externalhttps://access.redhat.com/security/cve/CVE-2026-41035
- externalhttps://access.redhat.com/security/cve/CVE-2026-42009
- externalhttps://access.redhat.com/security/cve/CVE-2026-42010
- externalhttps://access.redhat.com/security/cve/CVE-2026-42011
- externalhttps://access.redhat.com/security/cve/CVE-2026-42012
- externalhttps://access.redhat.com/security/cve/CVE-2026-42013
- externalhttps://access.redhat.com/security/cve/CVE-2026-42014
- externalhttps://access.redhat.com/security/cve/CVE-2026-42015
- externalhttps://access.redhat.com/security/cve/CVE-2026-42764
- externalhttps://access.redhat.com/security/cve/CVE-2026-42766
- externalhttps://access.redhat.com/security/cve/CVE-2026-42767
- externalhttps://access.redhat.com/security/cve/CVE-2026-42768
- externalhttps://access.redhat.com/security/cve/CVE-2026-42769
- externalhttps://access.redhat.com/security/cve/CVE-2026-42770
- externalhttps://access.redhat.com/security/cve/CVE-2026-43618
- externalhttps://access.redhat.com/security/cve/CVE-2026-4437
- externalhttps://access.redhat.com/security/cve/CVE-2026-4438
- externalhttps://access.redhat.com/security/cve/CVE-2026-44486
- externalhttps://access.redhat.com/security/cve/CVE-2026-44487
- externalhttps://access.redhat.com/security/cve/CVE-2026-44488
- externalhttps://access.redhat.com/security/cve/CVE-2026-44492
- externalhttps://access.redhat.com/security/cve/CVE-2026-44494
- externalhttps://access.redhat.com/security/cve/CVE-2026-44495
- externalhttps://access.redhat.com/security/cve/CVE-2026-44496
- externalhttps://access.redhat.com/security/cve/CVE-2026-45186
- externalhttps://access.redhat.com/security/cve/CVE-2026-45445
- externalhttps://access.redhat.com/security/cve/CVE-2026-45446
- externalhttps://access.redhat.com/security/cve/CVE-2026-45447
- externalhttps://access.redhat.com/security/cve/CVE-2026-45736
- externalhttps://access.redhat.com/security/cve/CVE-2026-48779
- externalhttps://access.redhat.com/security/cve/CVE-2026-4878
- externalhttps://access.redhat.com/security/cve/CVE-2026-5260
- externalhttps://access.redhat.com/security/cve/CVE-2026-5419
- externalhttps://access.redhat.com/security/cve/CVE-2026-6322
- externalhttps://access.redhat.com/security/cve/CVE-2026-7383
- externalhttps://access.redhat.com/security/cve/CVE-2026-9076
- externalhttps://access.redhat.com/security/cve/CVE-2026-9277
- externalhttps://access.redhat.com/security/updates/classification/
- externalhttps://docs.redhat.com/en/documentation/subscription_central/1-latest/#Discovery
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_29197.json