Red Hat Product Errata RHSA-2026:0930 - Security Advisory
Issued:
2026-01-21
Updated:
2026-01-21

RHSA-2026:0930 - Security Advisory

Synopsis

Moderate: pcs security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for pcs is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.

Security Fix(es):

  • tornado: Tornado Quadratic DoS via Repeated Header Coalescing (CVE-2025-67725)
  • tornado: Tornado Quadratic DoS via Crafted Multipart Parameters (CVE-2025-67726)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux High Availability for x86_64 8 x86_64
  • Red Hat Enterprise Linux High Availability for ARM 64 8 aarch64
  • Red Hat Enterprise Linux Resilient Storage for x86_64 8 x86_64
  • Red Hat Enterprise Linux Resilient Storage for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux High Availability for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux Resilient Storage for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux High Availability for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux High Availability for ARM 64 - Extended Life Cycle 8.10 aarch64
  • Red Hat Enterprise Linux High Availability for Power, little endian - Extended Life Cycle 8.10 ppc64le
  • Red Hat Enterprise Linux High Availability for IBM z Systems - Extended Life Cycle 8.10 s390x
  • Red Hat Enterprise Linux High Availability for x86_64 - Extended Life Cycle 8.10 x86_64
  • Red Hat Enterprise Linux Resilient Storage for Power, little endian - Extended Life Cycle 8.10 ppc64le
  • Red Hat Enterprise Linux Resilient Storage for IBM z Systems - Extended Life Cycle 8.10 s390x
  • Red Hat Enterprise Linux Resilient Storage for x86_64 - Extended Life Cycle 8.10 x86_64

Fixes

  • BZ - 2421722 - CVE-2025-67725 tornado: Tornado Quadratic DoS via Repeated Header Coalescing
  • BZ - 2421733 - CVE-2025-67726 tornado: Tornado Quadratic DoS via Crafted Multipart Parameters

Red Hat Enterprise Linux High Availability for x86_64 8

SRPM
pcs-0.10.18-2.el8_10.8.src.rpm SHA-256: 1ef3f9e60b40a92863740e943912ec113b875e96220b0001d8796275a6efa97a
x86_64
pcs-0.10.18-2.el8_10.8.x86_64.rpm SHA-256: 1e837da509513a1adcbc14daff2d2b42e339f7d7c71ffd3c7bb6d3720369ab86
pcs-snmp-0.10.18-2.el8_10.8.x86_64.rpm SHA-256: 10eca32216dfb28d1a8303fa5d5fa20e4e50bae163d293d56f62c498276514aa

Red Hat Enterprise Linux High Availability for ARM 64 8

SRPM
pcs-0.10.18-2.el8_10.8.src.rpm SHA-256: 1ef3f9e60b40a92863740e943912ec113b875e96220b0001d8796275a6efa97a
aarch64
pcs-0.10.18-2.el8_10.8.aarch64.rpm SHA-256: 8ac516bee48ec3375c3d9997eadc65f1042b52f4e2d8b780843f3902eea4ffce
pcs-snmp-0.10.18-2.el8_10.8.aarch64.rpm SHA-256: 5810b8dededd943fc916fc7ccc89be09bae8c35d410dfcbeef13ae4127b63a51

Red Hat Enterprise Linux Resilient Storage for x86_64 8

SRPM
pcs-0.10.18-2.el8_10.8.src.rpm SHA-256: 1ef3f9e60b40a92863740e943912ec113b875e96220b0001d8796275a6efa97a
x86_64
pcs-0.10.18-2.el8_10.8.x86_64.rpm SHA-256: 1e837da509513a1adcbc14daff2d2b42e339f7d7c71ffd3c7bb6d3720369ab86
pcs-snmp-0.10.18-2.el8_10.8.x86_64.rpm SHA-256: 10eca32216dfb28d1a8303fa5d5fa20e4e50bae163d293d56f62c498276514aa

Red Hat Enterprise Linux Resilient Storage for IBM z Systems 8

SRPM
pcs-0.10.18-2.el8_10.8.src.rpm SHA-256: 1ef3f9e60b40a92863740e943912ec113b875e96220b0001d8796275a6efa97a
s390x
pcs-0.10.18-2.el8_10.8.s390x.rpm SHA-256: 9249319a5dae4f30fc47f9eebf90c5a98167253bcc08667a56b4e3e558bf5d62
pcs-snmp-0.10.18-2.el8_10.8.s390x.rpm SHA-256: 9e83ab03edee6a6d6b6ce97f5d7f6d67a6f896e71563c2dca8eaf4af46bd27a9

Red Hat Enterprise Linux High Availability for IBM z Systems 8

SRPM
pcs-0.10.18-2.el8_10.8.src.rpm SHA-256: 1ef3f9e60b40a92863740e943912ec113b875e96220b0001d8796275a6efa97a
s390x
pcs-0.10.18-2.el8_10.8.s390x.rpm SHA-256: 9249319a5dae4f30fc47f9eebf90c5a98167253bcc08667a56b4e3e558bf5d62
pcs-snmp-0.10.18-2.el8_10.8.s390x.rpm SHA-256: 9e83ab03edee6a6d6b6ce97f5d7f6d67a6f896e71563c2dca8eaf4af46bd27a9

Red Hat Enterprise Linux Resilient Storage for Power, little endian 8

SRPM
pcs-0.10.18-2.el8_10.8.src.rpm SHA-256: 1ef3f9e60b40a92863740e943912ec113b875e96220b0001d8796275a6efa97a
ppc64le
pcs-0.10.18-2.el8_10.8.ppc64le.rpm SHA-256: c436b0c332e254a1bf4c103a6fb8a9c8118ec4a8479ce8cc6b10a48bb02340a9
pcs-snmp-0.10.18-2.el8_10.8.ppc64le.rpm SHA-256: 7dd53705f55bff61e58a8a214cff33e84e1c335af0cfaad896f621a771167a14

Red Hat Enterprise Linux High Availability for Power, little endian 8

SRPM
pcs-0.10.18-2.el8_10.8.src.rpm SHA-256: 1ef3f9e60b40a92863740e943912ec113b875e96220b0001d8796275a6efa97a
ppc64le
pcs-0.10.18-2.el8_10.8.ppc64le.rpm SHA-256: c436b0c332e254a1bf4c103a6fb8a9c8118ec4a8479ce8cc6b10a48bb02340a9
pcs-snmp-0.10.18-2.el8_10.8.ppc64le.rpm SHA-256: 7dd53705f55bff61e58a8a214cff33e84e1c335af0cfaad896f621a771167a14

Red Hat Enterprise Linux High Availability for ARM 64 - Extended Life Cycle 8.10

SRPM
pcs-0.10.18-2.el8_10.8.src.rpm SHA-256: 1ef3f9e60b40a92863740e943912ec113b875e96220b0001d8796275a6efa97a
aarch64
pcs-0.10.18-2.el8_10.8.aarch64.rpm SHA-256: 8ac516bee48ec3375c3d9997eadc65f1042b52f4e2d8b780843f3902eea4ffce
pcs-snmp-0.10.18-2.el8_10.8.aarch64.rpm SHA-256: 5810b8dededd943fc916fc7ccc89be09bae8c35d410dfcbeef13ae4127b63a51

Red Hat Enterprise Linux High Availability for Power, little endian - Extended Life Cycle 8.10

SRPM
pcs-0.10.18-2.el8_10.8.src.rpm SHA-256: 1ef3f9e60b40a92863740e943912ec113b875e96220b0001d8796275a6efa97a
ppc64le
pcs-0.10.18-2.el8_10.8.ppc64le.rpm SHA-256: c436b0c332e254a1bf4c103a6fb8a9c8118ec4a8479ce8cc6b10a48bb02340a9
pcs-snmp-0.10.18-2.el8_10.8.ppc64le.rpm SHA-256: 7dd53705f55bff61e58a8a214cff33e84e1c335af0cfaad896f621a771167a14

Red Hat Enterprise Linux High Availability for IBM z Systems - Extended Life Cycle 8.10

SRPM
pcs-0.10.18-2.el8_10.8.src.rpm SHA-256: 1ef3f9e60b40a92863740e943912ec113b875e96220b0001d8796275a6efa97a
s390x
pcs-0.10.18-2.el8_10.8.s390x.rpm SHA-256: 9249319a5dae4f30fc47f9eebf90c5a98167253bcc08667a56b4e3e558bf5d62
pcs-snmp-0.10.18-2.el8_10.8.s390x.rpm SHA-256: 9e83ab03edee6a6d6b6ce97f5d7f6d67a6f896e71563c2dca8eaf4af46bd27a9

Red Hat Enterprise Linux High Availability for x86_64 - Extended Life Cycle 8.10

SRPM
pcs-0.10.18-2.el8_10.8.src.rpm SHA-256: 1ef3f9e60b40a92863740e943912ec113b875e96220b0001d8796275a6efa97a
x86_64
pcs-0.10.18-2.el8_10.8.x86_64.rpm SHA-256: 1e837da509513a1adcbc14daff2d2b42e339f7d7c71ffd3c7bb6d3720369ab86
pcs-snmp-0.10.18-2.el8_10.8.x86_64.rpm SHA-256: 10eca32216dfb28d1a8303fa5d5fa20e4e50bae163d293d56f62c498276514aa

Red Hat Enterprise Linux Resilient Storage for Power, little endian - Extended Life Cycle 8.10

SRPM
pcs-0.10.18-2.el8_10.8.src.rpm SHA-256: 1ef3f9e60b40a92863740e943912ec113b875e96220b0001d8796275a6efa97a
ppc64le
pcs-0.10.18-2.el8_10.8.ppc64le.rpm SHA-256: c436b0c332e254a1bf4c103a6fb8a9c8118ec4a8479ce8cc6b10a48bb02340a9
pcs-snmp-0.10.18-2.el8_10.8.ppc64le.rpm SHA-256: 7dd53705f55bff61e58a8a214cff33e84e1c335af0cfaad896f621a771167a14

Red Hat Enterprise Linux Resilient Storage for IBM z Systems - Extended Life Cycle 8.10

SRPM
pcs-0.10.18-2.el8_10.8.src.rpm SHA-256: 1ef3f9e60b40a92863740e943912ec113b875e96220b0001d8796275a6efa97a
s390x
pcs-0.10.18-2.el8_10.8.s390x.rpm SHA-256: 9249319a5dae4f30fc47f9eebf90c5a98167253bcc08667a56b4e3e558bf5d62
pcs-snmp-0.10.18-2.el8_10.8.s390x.rpm SHA-256: 9e83ab03edee6a6d6b6ce97f5d7f6d67a6f896e71563c2dca8eaf4af46bd27a9

Red Hat Enterprise Linux Resilient Storage for x86_64 - Extended Life Cycle 8.10

SRPM
pcs-0.10.18-2.el8_10.8.src.rpm SHA-256: 1ef3f9e60b40a92863740e943912ec113b875e96220b0001d8796275a6efa97a
x86_64
pcs-0.10.18-2.el8_10.8.x86_64.rpm SHA-256: 1e837da509513a1adcbc14daff2d2b42e339f7d7c71ffd3c7bb6d3720369ab86
pcs-snmp-0.10.18-2.el8_10.8.x86_64.rpm SHA-256: 10eca32216dfb28d1a8303fa5d5fa20e4e50bae163d293d56f62c498276514aa

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.