
Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update

Severity: High
Published: 07/01/2026 (07/01/2026, 15:01:33 UTC)
Source: GCVE Database
Vendor/Project: Red Hat Product Security
Product: Red Hat

Description

Red Hat has issued a security advisory for Red Hat Hardened Images RPMs addressing two vulnerabilities identified as CVE-2026-54369 and CVE-2026-54370 in the acl package. The update includes new versions of acl, libacl, and libacl-devel RPMs for aarch64 and x86_64 architectures. No explicit patch versions or fixed versions are stated in the advisory. The vulnerabilities relate to weaknesses categorized under CWE-59 (Link Following) and CWE-367 (Time-of-check Time-of-use Race Condition).

AI-Powered Analysis

Machine-generated threat intelligence

Last updated: 07/02/2026, 23:24:20 UTC

Technical Analysis

This advisory from Red Hat Product Security addresses two security vulnerabilities (CVE-2026-54369 and CVE-2026-54370) in the acl package included in Red Hat Hardened Images RPMs. The affected RPMs are acl, libacl, and libacl-devel versions 2.4.0-0.1.hum1 for aarch64 and x86_64 architectures. The vulnerabilities correspond to CWE-59 and CWE-367, indicating issues related to symbolic link following and race conditions, respectively. The advisory provides updated RPMs as a security update but does not specify fixed version numbers or detailed patch information. No known exploits in the wild have been reported. The update is available via Red Hat's image repository.

Potential Impact

The vulnerabilities affect the acl package in Red Hat Hardened Images RPMs and could potentially allow unauthorized actions related to file access control due to symbolic link and race condition weaknesses. The advisory classifies the severity as high but does not provide CVSS scores or detailed impact scenarios. No known exploitation in the wild has been reported at the time of this advisory.

Mitigation Recommendations

Red Hat has released updated RPMs (acl-2.4.0-0.1.hum1 and related packages) as a security update to address these vulnerabilities. Users of Red Hat Hardened Images should apply these updates as provided by Red Hat. Since this is an official security advisory with updated packages available, applying the update is the recommended remediation. Patch status beyond the advisory is not explicitly detailed; users should consult the Red Hat advisory links for the latest update instructions and confirmation.


Technical Details

GCVE Source: db.gcve.eu
CSAF Category: csaf_security_advisory
CSAF Version: 2.0
Publisher: Red Hat Product Security
Advisory ID: RHSA-2026:34351
CVE Count: 2
Additional CVEs: ["CVE-2026-54370"]
CVSS Version: null

Threat ID: 6a46ecdd27e9c7971943f87d

Added to database: 07/02/2026, 22:57:33 UTC

Last enriched: 07/02/2026, 23:24:20 UTC

Last updated: 07/03/2026, 02:51:10 UTC
