Red Hat Product Errata RHSA-2026:10706 - Security Advisory
Issued:
2026-04-27
Updated:
2026-04-27

RHSA-2026:10706 - Security Advisory

Synopsis

Important: rhc security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for rhc is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

rhc is a client tool and daemon that connects the system to Red Hat hosted services enabling system and subscription management.

Security Fix(es):

  • google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation (CVE-2026-33186)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat CodeReady Linux Builder for x86_64 9 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
  • Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x

Fixes

  • BZ - 2449833 - CVE-2026-33186 google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation

Red Hat Enterprise Linux for x86_64 9

SRPM
rhc-0.2.7-4.el9_7.src.rpm SHA-256: 2178480954ecd4379fa19ed992d2218fa4e1815513b3e0a636c002baa159ac18
x86_64
rhc-0.2.7-4.el9_7.x86_64.rpm SHA-256: a0d038d3a5efe48f19ef92b01c9662a71ba8b0c13b0042ccbd18c3a088115c2e
rhc-debuginfo-0.2.7-4.el9_7.x86_64.rpm SHA-256: 6f9cfcf9e7df74edc0812ea2a8cf1785105eb2d00aa7b49c74faabb0adf14e81
rhc-debugsource-0.2.7-4.el9_7.x86_64.rpm SHA-256: 2ac5f46cb84c678619cc63a4aca769615dcdadb18ebb8dbe36667ccca500a620

Red Hat Enterprise Linux for IBM z Systems 9

SRPM
rhc-0.2.7-4.el9_7.src.rpm SHA-256: 2178480954ecd4379fa19ed992d2218fa4e1815513b3e0a636c002baa159ac18
s390x
rhc-0.2.7-4.el9_7.s390x.rpm SHA-256: 6fdadcff1ffe887cae41fa79821bf1614fa1f9e522755d0c0070c09af06e1c8f
rhc-debuginfo-0.2.7-4.el9_7.s390x.rpm SHA-256: 83de26bed8963e38ed4e25fec9a5108d81e99312c5c8b8fd621e3b3abbbb7467
rhc-debugsource-0.2.7-4.el9_7.s390x.rpm SHA-256: bcad6ea7c78d225b6786d509712406e6eba4be571eeb39cdecc24689aa86f02b

Red Hat Enterprise Linux for Power, little endian 9

SRPM
rhc-0.2.7-4.el9_7.src.rpm SHA-256: 2178480954ecd4379fa19ed992d2218fa4e1815513b3e0a636c002baa159ac18
ppc64le
rhc-0.2.7-4.el9_7.ppc64le.rpm SHA-256: ff7bd506b4249ca1d607b3c18507ceaf54745314f097502ec5c474a905fa7b6b
rhc-debuginfo-0.2.7-4.el9_7.ppc64le.rpm SHA-256: e1643d36454d356c60133f8524a5cfcaa149b316e19c67cf75a7d977b847c91a
rhc-debugsource-0.2.7-4.el9_7.ppc64le.rpm SHA-256: 093e5f02ffc583c759a8f15ebdbf98b700756d54e6097a7384d82bfdd554c8c9

Red Hat Enterprise Linux for ARM 64 9

SRPM
rhc-0.2.7-4.el9_7.src.rpm SHA-256: 2178480954ecd4379fa19ed992d2218fa4e1815513b3e0a636c002baa159ac18
aarch64
rhc-0.2.7-4.el9_7.aarch64.rpm SHA-256: ef65f0deae919ba9ec1ce2a589fabc84befcd8cbd5794f2b2f0f1d6fefc24a0d
rhc-debuginfo-0.2.7-4.el9_7.aarch64.rpm SHA-256: 28af09be40f0a25e3d744b4791e0969d8b049709cbbe3447aee0079450430276
rhc-debugsource-0.2.7-4.el9_7.aarch64.rpm SHA-256: 2f778c15aa89be0568e378cce7e3f06b2aaee3d6430dde7d7c3bdf0892d928e0

Red Hat CodeReady Linux Builder for x86_64 9

SRPM
x86_64
rhc-debuginfo-0.2.7-4.el9_7.x86_64.rpm SHA-256: 6f9cfcf9e7df74edc0812ea2a8cf1785105eb2d00aa7b49c74faabb0adf14e81
rhc-debugsource-0.2.7-4.el9_7.x86_64.rpm SHA-256: 2ac5f46cb84c678619cc63a4aca769615dcdadb18ebb8dbe36667ccca500a620
rhc-devel-0.2.7-4.el9_7.x86_64.rpm SHA-256: 7c19a2d78c7005eaa12a07181a1be5e2c0490c044b214a7b8f9129ea251f704f

Red Hat CodeReady Linux Builder for Power, little endian 9

SRPM
ppc64le
rhc-debuginfo-0.2.7-4.el9_7.ppc64le.rpm SHA-256: e1643d36454d356c60133f8524a5cfcaa149b316e19c67cf75a7d977b847c91a
rhc-debugsource-0.2.7-4.el9_7.ppc64le.rpm SHA-256: 093e5f02ffc583c759a8f15ebdbf98b700756d54e6097a7384d82bfdd554c8c9
rhc-devel-0.2.7-4.el9_7.ppc64le.rpm SHA-256: 73522d4ac2244d246cc404cff5019b8094fb68b0504a5745fbfd257f79246076

Red Hat CodeReady Linux Builder for ARM 64 9

SRPM
aarch64
rhc-debuginfo-0.2.7-4.el9_7.aarch64.rpm SHA-256: 28af09be40f0a25e3d744b4791e0969d8b049709cbbe3447aee0079450430276
rhc-debugsource-0.2.7-4.el9_7.aarch64.rpm SHA-256: 2f778c15aa89be0568e378cce7e3f06b2aaee3d6430dde7d7c3bdf0892d928e0
rhc-devel-0.2.7-4.el9_7.aarch64.rpm SHA-256: 88c076c9f7acdca160e0a0845338177bae17441fed6f1aecd974d21474cf41c9

Red Hat CodeReady Linux Builder for IBM z Systems 9

SRPM
s390x
rhc-debuginfo-0.2.7-4.el9_7.s390x.rpm SHA-256: 83de26bed8963e38ed4e25fec9a5108d81e99312c5c8b8fd621e3b3abbbb7467
rhc-debugsource-0.2.7-4.el9_7.s390x.rpm SHA-256: bcad6ea7c78d225b6786d509712406e6eba4be571eeb39cdecc24689aa86f02b
rhc-devel-0.2.7-4.el9_7.s390x.rpm SHA-256: 1fecb97de6d798a16d6dfe9639c6394ea8a3bb026318aa1e3e5432899456b14a

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.