Red Hat Product Errata RHSA-2026:0602 - Security Advisory
Issued:
2026-01-14
Updated:
2026-01-14

RHSA-2026:0602 - Security Advisory

Synopsis

Moderate: openssl security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for openssl is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.

Security Fix(es):

  • openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap (CVE-2025-9230)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.8 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64

Fixes

  • BZ - 2396054 - CVE-2025-9230 openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8

SRPM
openssl-1.1.1k-14.el8_8.1.src.rpm SHA-256: c76542d7913806357f1ca3d71cc2e10fd9c87436c1ad337538261e70db33b641
x86_64
openssl-1.1.1k-14.el8_8.1.x86_64.rpm SHA-256: 5acb6d983669dbcd2e6d3ca075e65c608ba17b201883c94d09d71e4c81531a01
openssl-debuginfo-1.1.1k-14.el8_8.1.i686.rpm SHA-256: b322116d56af2f2ed7523a9b54a7b1f722606ccd606e626afc978a7c92e41015
openssl-debuginfo-1.1.1k-14.el8_8.1.x86_64.rpm SHA-256: 601296d409fea664415dd0950b7f337f1dce53a3387daad4948f92a87b49de0b
openssl-debugsource-1.1.1k-14.el8_8.1.i686.rpm SHA-256: 16b3dfa2667d62a2137da7043b8478ab30faa48445959a4f69c9e51ab30960cd
openssl-debugsource-1.1.1k-14.el8_8.1.x86_64.rpm SHA-256: e0ef1b4667240562c34303c872f4a6302da93021e2443d5f212cbc86a0c7d8da
openssl-devel-1.1.1k-14.el8_8.1.i686.rpm SHA-256: 2e523289e304b317b90d2626b1a7e9ad44c645be76fec2a174776705bc776bbc
openssl-devel-1.1.1k-14.el8_8.1.x86_64.rpm SHA-256: c506e63888be4352d08280fb7bdbdb33998369347b9c3ca71da1c3705892eb8d
openssl-libs-1.1.1k-14.el8_8.1.i686.rpm SHA-256: 8dd69122beaf25b51d995f6fee4fb45ea0d6dc22686cfa9c087911ec6c7fc30d
openssl-libs-1.1.1k-14.el8_8.1.x86_64.rpm SHA-256: 4b98544b3aec65ea4d16d9baac0d239f98aec52d6b912113ff8ceb5cb9a8b63d
openssl-libs-debuginfo-1.1.1k-14.el8_8.1.i686.rpm SHA-256: 2961fab5ab973532de30e32f40d746d41a4f6fa002dd0fce9abfc70ff6de6610
openssl-libs-debuginfo-1.1.1k-14.el8_8.1.x86_64.rpm SHA-256: 130609aeb234a49642ccce7669da1e775b08412647cde08e1e9832a822cd2130
openssl-perl-1.1.1k-14.el8_8.1.x86_64.rpm SHA-256: a896bb4daf482612ee6ec6f3ce76cba47f8f3aeb65eea05a019418a28ab0aebe

Red Hat Enterprise Linux Server - TUS 8.8

SRPM
openssl-1.1.1k-14.el8_8.1.src.rpm SHA-256: c76542d7913806357f1ca3d71cc2e10fd9c87436c1ad337538261e70db33b641
x86_64
openssl-1.1.1k-14.el8_8.1.x86_64.rpm SHA-256: 5acb6d983669dbcd2e6d3ca075e65c608ba17b201883c94d09d71e4c81531a01
openssl-debuginfo-1.1.1k-14.el8_8.1.i686.rpm SHA-256: b322116d56af2f2ed7523a9b54a7b1f722606ccd606e626afc978a7c92e41015
openssl-debuginfo-1.1.1k-14.el8_8.1.x86_64.rpm SHA-256: 601296d409fea664415dd0950b7f337f1dce53a3387daad4948f92a87b49de0b
openssl-debugsource-1.1.1k-14.el8_8.1.i686.rpm SHA-256: 16b3dfa2667d62a2137da7043b8478ab30faa48445959a4f69c9e51ab30960cd
openssl-debugsource-1.1.1k-14.el8_8.1.x86_64.rpm SHA-256: e0ef1b4667240562c34303c872f4a6302da93021e2443d5f212cbc86a0c7d8da
openssl-devel-1.1.1k-14.el8_8.1.i686.rpm SHA-256: 2e523289e304b317b90d2626b1a7e9ad44c645be76fec2a174776705bc776bbc
openssl-devel-1.1.1k-14.el8_8.1.x86_64.rpm SHA-256: c506e63888be4352d08280fb7bdbdb33998369347b9c3ca71da1c3705892eb8d
openssl-libs-1.1.1k-14.el8_8.1.i686.rpm SHA-256: 8dd69122beaf25b51d995f6fee4fb45ea0d6dc22686cfa9c087911ec6c7fc30d
openssl-libs-1.1.1k-14.el8_8.1.x86_64.rpm SHA-256: 4b98544b3aec65ea4d16d9baac0d239f98aec52d6b912113ff8ceb5cb9a8b63d
openssl-libs-debuginfo-1.1.1k-14.el8_8.1.i686.rpm SHA-256: 2961fab5ab973532de30e32f40d746d41a4f6fa002dd0fce9abfc70ff6de6610
openssl-libs-debuginfo-1.1.1k-14.el8_8.1.x86_64.rpm SHA-256: 130609aeb234a49642ccce7669da1e775b08412647cde08e1e9832a822cd2130
openssl-perl-1.1.1k-14.el8_8.1.x86_64.rpm SHA-256: a896bb4daf482612ee6ec6f3ce76cba47f8f3aeb65eea05a019418a28ab0aebe

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8

SRPM
openssl-1.1.1k-14.el8_8.1.src.rpm SHA-256: c76542d7913806357f1ca3d71cc2e10fd9c87436c1ad337538261e70db33b641
ppc64le
openssl-1.1.1k-14.el8_8.1.ppc64le.rpm SHA-256: b234781e8e474b42ff0686ae08bad68e746520dcc3642dac602a67a8926f9e46
openssl-debuginfo-1.1.1k-14.el8_8.1.ppc64le.rpm SHA-256: 51b599c6e0aeeb2aa02e02a9586ec0ba721892abc218694775682221e910deca
openssl-debugsource-1.1.1k-14.el8_8.1.ppc64le.rpm SHA-256: c5d2f5090e8fd5e6728bb028b996ee32720dc77652c9f50837c8927817840156
openssl-devel-1.1.1k-14.el8_8.1.ppc64le.rpm SHA-256: e9912fdce5facab924962188d9c4cce8304281a7e96785789fa80ab66a534a98
openssl-libs-1.1.1k-14.el8_8.1.ppc64le.rpm SHA-256: 86d0f7678bc54cbe20724aa9a18288f919629c61d5cff11ced84a43caff1956a
openssl-libs-debuginfo-1.1.1k-14.el8_8.1.ppc64le.rpm SHA-256: f5fb87c2e690692beb7beaeb96e93623ffd68556447812538b969dfb5eb6ec25
openssl-perl-1.1.1k-14.el8_8.1.ppc64le.rpm SHA-256: 8f3d7e48e8674ce0cba0123e6ab506fdf9136ad7006dbc57094589295f32cbcf

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8

SRPM
openssl-1.1.1k-14.el8_8.1.src.rpm SHA-256: c76542d7913806357f1ca3d71cc2e10fd9c87436c1ad337538261e70db33b641
x86_64
openssl-1.1.1k-14.el8_8.1.x86_64.rpm SHA-256: 5acb6d983669dbcd2e6d3ca075e65c608ba17b201883c94d09d71e4c81531a01
openssl-debuginfo-1.1.1k-14.el8_8.1.i686.rpm SHA-256: b322116d56af2f2ed7523a9b54a7b1f722606ccd606e626afc978a7c92e41015
openssl-debuginfo-1.1.1k-14.el8_8.1.x86_64.rpm SHA-256: 601296d409fea664415dd0950b7f337f1dce53a3387daad4948f92a87b49de0b
openssl-debugsource-1.1.1k-14.el8_8.1.i686.rpm SHA-256: 16b3dfa2667d62a2137da7043b8478ab30faa48445959a4f69c9e51ab30960cd
openssl-debugsource-1.1.1k-14.el8_8.1.x86_64.rpm SHA-256: e0ef1b4667240562c34303c872f4a6302da93021e2443d5f212cbc86a0c7d8da
openssl-devel-1.1.1k-14.el8_8.1.i686.rpm SHA-256: 2e523289e304b317b90d2626b1a7e9ad44c645be76fec2a174776705bc776bbc
openssl-devel-1.1.1k-14.el8_8.1.x86_64.rpm SHA-256: c506e63888be4352d08280fb7bdbdb33998369347b9c3ca71da1c3705892eb8d
openssl-libs-1.1.1k-14.el8_8.1.i686.rpm SHA-256: 8dd69122beaf25b51d995f6fee4fb45ea0d6dc22686cfa9c087911ec6c7fc30d
openssl-libs-1.1.1k-14.el8_8.1.x86_64.rpm SHA-256: 4b98544b3aec65ea4d16d9baac0d239f98aec52d6b912113ff8ceb5cb9a8b63d
openssl-libs-debuginfo-1.1.1k-14.el8_8.1.i686.rpm SHA-256: 2961fab5ab973532de30e32f40d746d41a4f6fa002dd0fce9abfc70ff6de6610
openssl-libs-debuginfo-1.1.1k-14.el8_8.1.x86_64.rpm SHA-256: 130609aeb234a49642ccce7669da1e775b08412647cde08e1e9832a822cd2130
openssl-perl-1.1.1k-14.el8_8.1.x86_64.rpm SHA-256: a896bb4daf482612ee6ec6f3ce76cba47f8f3aeb65eea05a019418a28ab0aebe

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.