Red Hat Security Advisory: rhc-worker-playbook security update
This advisory addresses security vulnerabilities in the rhc-worker-playbook component of Red Hat Enterprise Linux 10. The rhc-worker-playbook is a worker for yggdrasil that receives and executes Ansible playbooks on the local host. Two security issues are fixed: CVE-2026-32282, where the Root. Chmod function in Go's internal syscall package can follow symlinks outside the intended root directory, and CVE-2026-32283, a denial of service vulnerability in Go's crypto/tls package triggered by multiple TLS 1. 3 key update messages. Red Hat has released updated packages to remediate these issues. The update is rated as Important by Red Hat Product Security. No known exploits are reported in the wild at this time.
AI Analysis
Technical Summary
The rhc-worker-playbook component in Red Hat Enterprise Linux 10 has two security vulnerabilities fixed in this update. CVE-2026-32282 is a flaw in the Go language's internal syscall/unix package where the Root.Chmod function can follow symbolic links outside the root directory, potentially leading to unauthorized file permission changes. CVE-2026-32283 is a denial of service vulnerability in Go's crypto/tls package caused by processing multiple TLS 1.3 key update messages, which can disrupt TLS connections. The advisory provides updated rhc-worker-playbook packages for multiple architectures and Red Hat Enterprise Linux variants. The vendor rates the security impact as Important and recommends applying the update. No CVSS scores are provided in the advisory.
Potential Impact
Successful exploitation of CVE-2026-32282 could allow an attacker to manipulate file permissions outside the intended root directory via symlink traversal during chmod operations, potentially leading to unauthorized file modifications. CVE-2026-32283 could allow an attacker to cause a denial of service by sending multiple TLS 1.3 key update messages, disrupting secure communications. These vulnerabilities affect the rhc-worker-playbook component that executes Ansible playbooks locally, which may impact system integrity and availability. No known exploits are reported in the wild.
Mitigation Recommendations
Red Hat has released updated rhc-worker-playbook packages addressing these vulnerabilities. Users should apply the security update as described in Red Hat advisory RHSA-2026:11863 and the referenced article https://access.redhat.com/articles/11258. Applying the official update is the recommended remediation. No additional mitigation steps are specified by the vendor. Patch status is confirmed by the vendor advisory.
Red Hat Security Advisory: rhc-worker-playbook security update
Description
This advisory addresses security vulnerabilities in the rhc-worker-playbook component of Red Hat Enterprise Linux 10. The rhc-worker-playbook is a worker for yggdrasil that receives and executes Ansible playbooks on the local host. Two security issues are fixed: CVE-2026-32282, where the Root. Chmod function in Go's internal syscall package can follow symlinks outside the intended root directory, and CVE-2026-32283, a denial of service vulnerability in Go's crypto/tls package triggered by multiple TLS 1. 3 key update messages. Red Hat has released updated packages to remediate these issues. The update is rated as Important by Red Hat Product Security. No known exploits are reported in the wild at this time.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The rhc-worker-playbook component in Red Hat Enterprise Linux 10 has two security vulnerabilities fixed in this update. CVE-2026-32282 is a flaw in the Go language's internal syscall/unix package where the Root.Chmod function can follow symbolic links outside the root directory, potentially leading to unauthorized file permission changes. CVE-2026-32283 is a denial of service vulnerability in Go's crypto/tls package caused by processing multiple TLS 1.3 key update messages, which can disrupt TLS connections. The advisory provides updated rhc-worker-playbook packages for multiple architectures and Red Hat Enterprise Linux variants. The vendor rates the security impact as Important and recommends applying the update. No CVSS scores are provided in the advisory.
Potential Impact
Successful exploitation of CVE-2026-32282 could allow an attacker to manipulate file permissions outside the intended root directory via symlink traversal during chmod operations, potentially leading to unauthorized file modifications. CVE-2026-32283 could allow an attacker to cause a denial of service by sending multiple TLS 1.3 key update messages, disrupting secure communications. These vulnerabilities affect the rhc-worker-playbook component that executes Ansible playbooks locally, which may impact system integrity and availability. No known exploits are reported in the wild.
Mitigation Recommendations
Red Hat has released updated rhc-worker-playbook packages addressing these vulnerabilities. Users should apply the security update as described in Red Hat advisory RHSA-2026:11863 and the referenced article https://access.redhat.com/articles/11258. Applying the official update is the recommended remediation. No additional mitigation steps are specified by the vendor. Patch status is confirmed by the vendor advisory.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2026:11863
- Cve Count
- 2
- Additional Cves
- ["CVE-2026-32283"]
- Cvss Version
- null
Threat ID: 6a160975e29bf47b506402d9
Added to database: 5/26/2026, 8:58:29 PM
Last enriched: 5/26/2026, 10:09:56 PM
Last updated: 5/27/2026, 4:59:19 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.