Red Hat Product Errata RHSA-2026:11507 - Security Advisory
Issued:
2026-04-29
Updated:
2026-04-29

RHSA-2026:11507 - Security Advisory

Synopsis

Important: grafana security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for grafana is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.

Security Fix(es):

  • golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)
  • crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)
  • crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 8.10 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 8.10 aarch64
  • Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 8.10 ppc64le
  • Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 8.10 s390x

Fixes

  • BZ - 2456336 - CVE-2026-32282 golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root
  • BZ - 2456339 - CVE-2026-32280 crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

Red Hat Enterprise Linux for x86_64 8

SRPM
grafana-9.2.10-30.el8_10.src.rpm SHA-256: 884a6181bb764ffa74c6316d4d478ad0adaf4d301b1572110fff1c7140b1d5bc
x86_64
grafana-9.2.10-30.el8_10.x86_64.rpm SHA-256: ddc910a8bf4ed04ca986a1288f8106e6bb5233130fd08c06b42a39dec895a994
grafana-debuginfo-9.2.10-30.el8_10.x86_64.rpm SHA-256: 6b5430f8853fd764e2164dcb121baeafda69ac94f4acdc760281eeeee53182d1
grafana-debugsource-9.2.10-30.el8_10.x86_64.rpm SHA-256: 9a86f31ce816b3bb57765a37376b4aa2506dc9436ef0b3431313fc49925273b8
grafana-selinux-9.2.10-30.el8_10.x86_64.rpm SHA-256: 15dcb2087623df4467c6ad362eb31627d088c15f4966e5f888feef381ba880d9

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
grafana-9.2.10-30.el8_10.src.rpm SHA-256: 884a6181bb764ffa74c6316d4d478ad0adaf4d301b1572110fff1c7140b1d5bc
s390x
grafana-9.2.10-30.el8_10.s390x.rpm SHA-256: 351ca838052ded24889a7c0e8f4812f7c4354d9649f8e02139b302f82edb6801
grafana-debuginfo-9.2.10-30.el8_10.s390x.rpm SHA-256: d9fbb7c1ff8e3930cc9f18d1fb98c9cc2587b544937f9f88ddf42e2f74a15572
grafana-debugsource-9.2.10-30.el8_10.s390x.rpm SHA-256: a2370b779010547658f5c59b994d0fc355437d92da4518162297073af4462aae
grafana-selinux-9.2.10-30.el8_10.s390x.rpm SHA-256: 8a4c6a9de831ca9264c71d50b043358b861520751fe1b3106774c55154440db8

Red Hat Enterprise Linux for Power, little endian 8

SRPM
grafana-9.2.10-30.el8_10.src.rpm SHA-256: 884a6181bb764ffa74c6316d4d478ad0adaf4d301b1572110fff1c7140b1d5bc
ppc64le
grafana-9.2.10-30.el8_10.ppc64le.rpm SHA-256: 91093acb66f94320a3b82684f4927c71d8a999bddee7401c13a0ef83c168212c
grafana-debuginfo-9.2.10-30.el8_10.ppc64le.rpm SHA-256: 0a033317af895393e8fe486503aa64127fd0951c9d38a67f74a49bea6abcf5e7
grafana-debugsource-9.2.10-30.el8_10.ppc64le.rpm SHA-256: 59958a913b1a59eee814936af71f113e441999c722d95c0265b0d776286617a4
grafana-selinux-9.2.10-30.el8_10.ppc64le.rpm SHA-256: 0dac724fd63ee65fa8dee50977a4da986d3c914442fb85d8ac56dc0f314eef6e

Red Hat Enterprise Linux for ARM 64 8

SRPM
grafana-9.2.10-30.el8_10.src.rpm SHA-256: 884a6181bb764ffa74c6316d4d478ad0adaf4d301b1572110fff1c7140b1d5bc
aarch64
grafana-9.2.10-30.el8_10.aarch64.rpm SHA-256: 0182885c5f2949514dac760bb17b8746a117ac2477f284fdfff6a2db083baff6
grafana-debuginfo-9.2.10-30.el8_10.aarch64.rpm SHA-256: f2d953fbd520a829c075629842c746f5ef601bd9c52b92c41f10c924abfdbed6
grafana-debugsource-9.2.10-30.el8_10.aarch64.rpm SHA-256: 8903cdd9c08845dad3905901d6a9bd4945bcf485d4f3c5277c72e40852648153
grafana-selinux-9.2.10-30.el8_10.aarch64.rpm SHA-256: 30b03f2f7ee132e2d3064782a0f3abedd643c4dd0959950bcbcc8104c8925f91

Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 8.10

SRPM
grafana-9.2.10-30.el8_10.src.rpm SHA-256: 884a6181bb764ffa74c6316d4d478ad0adaf4d301b1572110fff1c7140b1d5bc
x86_64
grafana-9.2.10-30.el8_10.x86_64.rpm SHA-256: ddc910a8bf4ed04ca986a1288f8106e6bb5233130fd08c06b42a39dec895a994
grafana-debuginfo-9.2.10-30.el8_10.x86_64.rpm SHA-256: 6b5430f8853fd764e2164dcb121baeafda69ac94f4acdc760281eeeee53182d1
grafana-debugsource-9.2.10-30.el8_10.x86_64.rpm SHA-256: 9a86f31ce816b3bb57765a37376b4aa2506dc9436ef0b3431313fc49925273b8
grafana-selinux-9.2.10-30.el8_10.x86_64.rpm SHA-256: 15dcb2087623df4467c6ad362eb31627d088c15f4966e5f888feef381ba880d9

Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 8.10

SRPM
grafana-9.2.10-30.el8_10.src.rpm SHA-256: 884a6181bb764ffa74c6316d4d478ad0adaf4d301b1572110fff1c7140b1d5bc
aarch64
grafana-9.2.10-30.el8_10.aarch64.rpm SHA-256: 0182885c5f2949514dac760bb17b8746a117ac2477f284fdfff6a2db083baff6
grafana-debuginfo-9.2.10-30.el8_10.aarch64.rpm SHA-256: f2d953fbd520a829c075629842c746f5ef601bd9c52b92c41f10c924abfdbed6
grafana-debugsource-9.2.10-30.el8_10.aarch64.rpm SHA-256: 8903cdd9c08845dad3905901d6a9bd4945bcf485d4f3c5277c72e40852648153
grafana-selinux-9.2.10-30.el8_10.aarch64.rpm SHA-256: 30b03f2f7ee132e2d3064782a0f3abedd643c4dd0959950bcbcc8104c8925f91

Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 8.10

SRPM
grafana-9.2.10-30.el8_10.src.rpm SHA-256: 884a6181bb764ffa74c6316d4d478ad0adaf4d301b1572110fff1c7140b1d5bc
ppc64le
grafana-9.2.10-30.el8_10.ppc64le.rpm SHA-256: 91093acb66f94320a3b82684f4927c71d8a999bddee7401c13a0ef83c168212c
grafana-debuginfo-9.2.10-30.el8_10.ppc64le.rpm SHA-256: 0a033317af895393e8fe486503aa64127fd0951c9d38a67f74a49bea6abcf5e7
grafana-debugsource-9.2.10-30.el8_10.ppc64le.rpm SHA-256: 59958a913b1a59eee814936af71f113e441999c722d95c0265b0d776286617a4
grafana-selinux-9.2.10-30.el8_10.ppc64le.rpm SHA-256: 0dac724fd63ee65fa8dee50977a4da986d3c914442fb85d8ac56dc0f314eef6e

Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 8.10

SRPM
grafana-9.2.10-30.el8_10.src.rpm SHA-256: 884a6181bb764ffa74c6316d4d478ad0adaf4d301b1572110fff1c7140b1d5bc
s390x
grafana-9.2.10-30.el8_10.s390x.rpm SHA-256: 351ca838052ded24889a7c0e8f4812f7c4354d9649f8e02139b302f82edb6801
grafana-debuginfo-9.2.10-30.el8_10.s390x.rpm SHA-256: d9fbb7c1ff8e3930cc9f18d1fb98c9cc2587b544937f9f88ddf42e2f74a15572
grafana-debugsource-9.2.10-30.el8_10.s390x.rpm SHA-256: a2370b779010547658f5c59b994d0fc355437d92da4518162297073af4462aae
grafana-selinux-9.2.10-30.el8_10.s390x.rpm SHA-256: 8a4c6a9de831ca9264c71d50b043358b861520751fe1b3106774c55154440db8

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.