Issued:: 2026-04-30
Updated:: 2026-04-30

RHSA-2026:12340 - Security Advisory

Overview
Updated Packages

Synopsis

Important: OpenEXR security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for OpenEXR is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

OpenEXR is a high dynamic-range (HDR) image file format developed by Industrial Light & Magic for use in computer imaging applications. This package contains libraries and sample applications for handling the format.

Security Fix(es):

openexr: OpenEXR: Arbitrary code execution via integer overflow in EXR file processing (CVE-2026-27622)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server - AUS 8.2 x86_64

Fixes

BZ - 2444251 - CVE-2026-27622 openexr: OpenEXR: Arbitrary code execution via integer overflow in EXR file processing

CVEs

CVE-2026-27622

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 8.2

SRPM
OpenEXR-2.2.0-11.el8_2.1.src.rpm	SHA-256: 9e6fc38a79260e04498df1f6d1d5e07fa04b6faf191e2cddc4260a513f326ab6
x86_64
OpenEXR-debuginfo-2.2.0-11.el8_2.1.i686.rpm	SHA-256: 76d566af8d037eb2eac266b6c79a14a8cf47b08e159276bf84890f93e7046263
OpenEXR-debuginfo-2.2.0-11.el8_2.1.x86_64.rpm	SHA-256: 8803a2ed0e98a5a6aebc5fed2c12bb2a272f7f78aaf2f3f2443c46703bc16c09
OpenEXR-debugsource-2.2.0-11.el8_2.1.i686.rpm	SHA-256: 8ebf0d2d3e7a35501d292d93aa0f1977035de376e247a762606949e1466b2b38
OpenEXR-debugsource-2.2.0-11.el8_2.1.x86_64.rpm	SHA-256: ad34af34821bff700f903f9ff0d2985aeb7271a2caca964d0fca8eb52207c18f
OpenEXR-libs-2.2.0-11.el8_2.1.i686.rpm	SHA-256: 694e56f390e14f6f035e8936be8dd030ff2ee00c718454b102f6222ce9f411d8
OpenEXR-libs-2.2.0-11.el8_2.1.x86_64.rpm	SHA-256: 3306874ed3f02214236e4d0052387f6b2adb95f11f6fc64e8747b2f57c0144dc
OpenEXR-libs-debuginfo-2.2.0-11.el8_2.1.i686.rpm	SHA-256: 652126b1c6d063b1a1a485341735ca6d56dcb4b41eb43c1648da479edf6ae7cc
OpenEXR-libs-debuginfo-2.2.0-11.el8_2.1.x86_64.rpm	SHA-256: e87277873934907094eab7ba08023d999a78c2c5300390c1b65cdb9348b2cf53

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation