Red Hat Security Advisory: Red Hat AI Inference Server 3.2.2 (CUDA)
🔗 CVE IDs covered (12)
📋 Description
CVE-2026-26740 — giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension CVE-2026-33845 — gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment CVE-2026-33846 — gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly CVE-2026-34755 — vLLM: vLLM: Denial of Service due to excessive video frame processing CVE-2026-34756 — vllm: vLLM: Denial of Service via excessively large 'n' parameter in OpenAI-compatible API CVE-2026-34982 — vim: arbitrary command execution via modeline sandbox bypass CVE-2026-41523 — vllm: vLLM: Arbitrary code execution via malicious HuggingFace model CVE-2026-42009 — gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability CVE-2026-42010 — gnutls: gnutls: Authentication Bypass via NUL Character in Username CVE-2026-48746 — vllm: starlette: vLLM: Critical authentication bypass allows unauthorized API access CVE-2026-54235 — vllm: vLLM: Denial of Service due to improper floating-point validation CVE-2026-54283 — starlette: Starlette: request.form() limits silently ignored for application/x-www-form-urlencoded enable DoS
🔗 References (16)
- selfhttps://access.redhat.com/errata/RHSA-2026:36005
- externalhttps://access.redhat.com/security/cve/CVE-2026-26740
- externalhttps://access.redhat.com/security/cve/CVE-2026-33845
- externalhttps://access.redhat.com/security/cve/CVE-2026-33846
- externalhttps://access.redhat.com/security/cve/CVE-2026-34755
- externalhttps://access.redhat.com/security/cve/CVE-2026-34756
- externalhttps://access.redhat.com/security/cve/CVE-2026-34982
- externalhttps://access.redhat.com/security/cve/CVE-2026-41523
- externalhttps://access.redhat.com/security/cve/CVE-2026-42009
- externalhttps://access.redhat.com/security/cve/CVE-2026-42010
- externalhttps://access.redhat.com/security/cve/CVE-2026-48746
- externalhttps://access.redhat.com/security/cve/CVE-2026-54235
- externalhttps://access.redhat.com/security/cve/CVE-2026-54283
- externalhttps://access.redhat.com/security/updates/classification/
- externalhttps://www.redhat.com/en/products/ai/inference-server
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_36005.json