Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update
Red Hat has issued a security advisory for Red Hat Hardened Images RPMs addressing vulnerabilities in the gzip package. The update includes gzip version 1.14-2.2.hum1 for aarch64 and x86_64 architectures. Two CVEs are fixed: CVE-2026-41911 and CVE-2026-41991, both related to gzip. The advisory does not specify affected versions or detailed technical impact. No known exploits in the wild have been reported. The severity is assessed as medium by Red Hat.
AI Analysis
Technical Summary
This security advisory from Red Hat addresses vulnerabilities identified by CVE-2026-41911 and CVE-2026-41991 in the gzip RPM package included in Red Hat Hardened Images. The update provides fixed gzip RPMs version 1.14-2.2.hum1 for aarch64 and x86_64 architectures. The advisory references CWE-59, which relates to improper link following, indicating a potential security weakness in gzip. No detailed CVSS score or exploit details are provided. The advisory is published as RHSA-2026:33771 and directs users to update to the provided RPM versions.
Potential Impact
The vulnerabilities affect the gzip package in Red Hat Hardened Images, potentially allowing security issues related to CWE-59 (Improper Link Following). The exact impact is not detailed, but the medium severity suggests a moderate risk that could affect system integrity or security if exploited. No known exploits in the wild have been reported at this time.
Mitigation Recommendations
A security update is available that includes fixed gzip RPMs version 1.14-2.2.hum1 for the affected architectures. Users of Red Hat Hardened Images should apply this update as per Red Hat's instructions available at https://images.redhat.com/. No additional mitigation steps are specified by Red Hat. Patch status is confirmed as fixed in the provided RPM version.
Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update
Description
Red Hat has issued a security advisory for Red Hat Hardened Images RPMs addressing vulnerabilities in the gzip package. The update includes gzip version 1.14-2.2.hum1 for aarch64 and x86_64 architectures. Two CVEs are fixed: CVE-2026-41911 and CVE-2026-41991, both related to gzip. The advisory does not specify affected versions or detailed technical impact. No known exploits in the wild have been reported. The severity is assessed as medium by Red Hat.
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This security advisory from Red Hat addresses vulnerabilities identified by CVE-2026-41911 and CVE-2026-41991 in the gzip RPM package included in Red Hat Hardened Images. The update provides fixed gzip RPMs version 1.14-2.2.hum1 for aarch64 and x86_64 architectures. The advisory references CWE-59, which relates to improper link following, indicating a potential security weakness in gzip. No detailed CVSS score or exploit details are provided. The advisory is published as RHSA-2026:33771 and directs users to update to the provided RPM versions.
Potential Impact
The vulnerabilities affect the gzip package in Red Hat Hardened Images, potentially allowing security issues related to CWE-59 (Improper Link Following). The exact impact is not detailed, but the medium severity suggests a moderate risk that could affect system integrity or security if exploited. No known exploits in the wild have been reported at this time.
Mitigation Recommendations
A security update is available that includes fixed gzip RPMs version 1.14-2.2.hum1 for the affected architectures. Users of Red Hat Hardened Images should apply this update as per Red Hat's instructions available at https://images.redhat.com/. No additional mitigation steps are specified by Red Hat. Patch status is confirmed as fixed in the provided RPM version.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2026:33771
- Cve Count
- 1
- Additional Cves
- []
- Cvss Version
- null
Threat ID: 6a4452db27e9c797198e0520
Added to database: 06/30/2026, 23:35:55 UTC
Last enriched: 06/30/2026, 23:43:42 UTC
Last updated: 07/01/2026, 02:51:10 UTC
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.