RHSA-2026:35111HighCVSS 8.8
Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update
🔗 CVE IDs covered (4)
📋 Description
CVE-2026-46680 — github.com/containerd/containerd: containerd: Privilege escalation via incorrect user ID handling CVE-2026-47262 — github.com/containerd/containerd: containerd: Denial of Service via maliciously crafted image leading to unbounded group parsing CVE-2026-50195 — github.com/containerd/containerd: containerd: Arbitrary code execution via CRI checkpoint image tag poisoning CVE-2026-53488 — github.com/containerd/containerd: containerd: Host-root command execution via unvalidated image config labels in CRI plugin
🔗 References (8)
- selfhttps://access.redhat.com/errata/RHSA-2026:35111
- externalhttps://access.redhat.com/security/cve/CVE-2026-46680
- externalhttps://access.redhat.com/security/cve/CVE-2026-47262
- externalhttps://access.redhat.com/security/cve/CVE-2026-53488
- externalhttps://access.redhat.com/security/updates/classification/
- externalhttps://images.redhat.com/
- externalhttps://access.redhat.com/security/cve/CVE-2026-50195
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_35111.json