Issued:: 2026-05-05
Updated:: 2026-05-05

RHSA-2026:13854 - Security Advisory

Overview
Updated Packages

Synopsis

Important: LibRaw security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for LibRaw is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

LibRaw is a library for reading RAW files obtained from digital photo cameras (CRW/CR2, NEF, RAF, DNG, and others).

Security Fix(es):

LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file (CVE-2026-24450)
LibRaw: LibRaw: Arbitrary code execution via heap-based buffer overflow in lossless JPEG loading (CVE-2026-21413)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
Red Hat Enterprise Linux Server - AUS 9.6 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.6 x86_64
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.6 ppc64le
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6 aarch64
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6 ppc64le
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6 s390x

Fixes

BZ - 2455925 - CVE-2026-24450 LibRaw: LibRaw: Arbitrary code execution via a specially crafted malicious file
BZ - 2455929 - CVE-2026-21413 LibRaw: LibRaw: Arbitrary code execution via heap-based buffer overflow in lossless JPEG loading

CVEs

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6

SRPM
LibRaw-0.21.1-2.el9_6.src.rpm	SHA-256: 5aa3a73f6aa43f98c45ab1bdcc684f2068d6d344f68041091a23ca75bcb3abbd
x86_64
LibRaw-0.21.1-2.el9_6.i686.rpm	SHA-256: f1a87d03a4b138c0c8e620f45b20d632e028cfd11136def550a92561281dfa28
LibRaw-0.21.1-2.el9_6.x86_64.rpm	SHA-256: e84017d570a2e3adbbd9b640b35065107c722d59a964a6501f0087702ce1b45b
LibRaw-debuginfo-0.21.1-2.el9_6.i686.rpm	SHA-256: ceddd7c609b368d2aba6bcd654dad20c2dd98bbd751786c97e006089216b53c0
LibRaw-debuginfo-0.21.1-2.el9_6.x86_64.rpm	SHA-256: e0e877e39a9e6e3aec931e6d81893b1b097105b5ec5f7c3f760a5ee58d4419c4
LibRaw-debugsource-0.21.1-2.el9_6.i686.rpm	SHA-256: 61595e6503165b8a686194fab9e22823deb5ed79046ecc0b1e8d272ba90eb546
LibRaw-debugsource-0.21.1-2.el9_6.x86_64.rpm	SHA-256: 2f301654588f5107ee54c146b031d0539daa79f7c95abddc7a653f4d68e71dd8
LibRaw-samples-debuginfo-0.21.1-2.el9_6.i686.rpm	SHA-256: f7847a43e586f0a82fede8af6fee20efacd6cd2e29b783f62672abdf3b07f2ff
LibRaw-samples-debuginfo-0.21.1-2.el9_6.x86_64.rpm	SHA-256: 609686489cb3ec48eb71736cb88f995af7e0d5929db39d6183d07557770590b2

Red Hat Enterprise Linux Server - AUS 9.6

SRPM
LibRaw-0.21.1-2.el9_6.src.rpm	SHA-256: 5aa3a73f6aa43f98c45ab1bdcc684f2068d6d344f68041091a23ca75bcb3abbd
x86_64
LibRaw-0.21.1-2.el9_6.i686.rpm	SHA-256: f1a87d03a4b138c0c8e620f45b20d632e028cfd11136def550a92561281dfa28
LibRaw-0.21.1-2.el9_6.x86_64.rpm	SHA-256: e84017d570a2e3adbbd9b640b35065107c722d59a964a6501f0087702ce1b45b
LibRaw-debuginfo-0.21.1-2.el9_6.i686.rpm	SHA-256: ceddd7c609b368d2aba6bcd654dad20c2dd98bbd751786c97e006089216b53c0
LibRaw-debuginfo-0.21.1-2.el9_6.x86_64.rpm	SHA-256: e0e877e39a9e6e3aec931e6d81893b1b097105b5ec5f7c3f760a5ee58d4419c4
LibRaw-debugsource-0.21.1-2.el9_6.i686.rpm	SHA-256: 61595e6503165b8a686194fab9e22823deb5ed79046ecc0b1e8d272ba90eb546
LibRaw-debugsource-0.21.1-2.el9_6.x86_64.rpm	SHA-256: 2f301654588f5107ee54c146b031d0539daa79f7c95abddc7a653f4d68e71dd8
LibRaw-samples-debuginfo-0.21.1-2.el9_6.i686.rpm	SHA-256: f7847a43e586f0a82fede8af6fee20efacd6cd2e29b783f62672abdf3b07f2ff
LibRaw-samples-debuginfo-0.21.1-2.el9_6.x86_64.rpm	SHA-256: 609686489cb3ec48eb71736cb88f995af7e0d5929db39d6183d07557770590b2

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6

SRPM
LibRaw-0.21.1-2.el9_6.src.rpm	SHA-256: 5aa3a73f6aa43f98c45ab1bdcc684f2068d6d344f68041091a23ca75bcb3abbd
s390x
LibRaw-0.21.1-2.el9_6.s390x.rpm	SHA-256: 803ee6355c3a4a968290dac28123db4a9f999358a34df2474964254c199be9a4
LibRaw-debuginfo-0.21.1-2.el9_6.s390x.rpm	SHA-256: 11ef8f992a037bced1f734e65895ad51a0c67df133d569743a0c304027e8453a
LibRaw-debugsource-0.21.1-2.el9_6.s390x.rpm	SHA-256: 86af249a94a0110d4e082c94ee0a993bf7a8e10ded1aded4277994d6bdb07280
LibRaw-samples-debuginfo-0.21.1-2.el9_6.s390x.rpm	SHA-256: e39075b969f9eea68292b5766cee18ef966328a2ca5c0f071e22a1cdd7af0646

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6

SRPM
LibRaw-0.21.1-2.el9_6.src.rpm	SHA-256: 5aa3a73f6aa43f98c45ab1bdcc684f2068d6d344f68041091a23ca75bcb3abbd
ppc64le
LibRaw-0.21.1-2.el9_6.ppc64le.rpm	SHA-256: ccf65fa9f5b078b97ea5d1dee18f599d18826bba4840f8c634c470e753887b77
LibRaw-debuginfo-0.21.1-2.el9_6.ppc64le.rpm	SHA-256: c9d8b04d19bbd37ddd38f7b1466af2e7220ad6727fec0bb8911071ae7d254155
LibRaw-debugsource-0.21.1-2.el9_6.ppc64le.rpm	SHA-256: 154d154eb62be6881a9a1231eb6ca446608f2dbbf1e209017c408f3e05888545
LibRaw-samples-debuginfo-0.21.1-2.el9_6.ppc64le.rpm	SHA-256: 5f8642800688d21b3da4bd7f14bd3188da77df438ab8dfa20bd7b628005bdfe1

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6

SRPM
LibRaw-0.21.1-2.el9_6.src.rpm	SHA-256: 5aa3a73f6aa43f98c45ab1bdcc684f2068d6d344f68041091a23ca75bcb3abbd
aarch64
LibRaw-0.21.1-2.el9_6.aarch64.rpm	SHA-256: ea004e7229ea1696878402796b69a92f420c5c5748f5e2d8365b9cb502f666d4
LibRaw-debuginfo-0.21.1-2.el9_6.aarch64.rpm	SHA-256: a678d6171a86e4755b2ec36b5aa042ca5b83ca076052cec0a81957183e9f58cd
LibRaw-debugsource-0.21.1-2.el9_6.aarch64.rpm	SHA-256: 0f02769158f3548cfbbbc95849f147281570c909b13da9889a446af051235296
LibRaw-samples-debuginfo-0.21.1-2.el9_6.aarch64.rpm	SHA-256: 1ec4f47898594bc595e8caf010af647fb1c132feb8df6a52a5aae5c9d53e1de4

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6

SRPM
LibRaw-0.21.1-2.el9_6.src.rpm	SHA-256: 5aa3a73f6aa43f98c45ab1bdcc684f2068d6d344f68041091a23ca75bcb3abbd
ppc64le
LibRaw-0.21.1-2.el9_6.ppc64le.rpm	SHA-256: ccf65fa9f5b078b97ea5d1dee18f599d18826bba4840f8c634c470e753887b77
LibRaw-debuginfo-0.21.1-2.el9_6.ppc64le.rpm	SHA-256: c9d8b04d19bbd37ddd38f7b1466af2e7220ad6727fec0bb8911071ae7d254155
LibRaw-debugsource-0.21.1-2.el9_6.ppc64le.rpm	SHA-256: 154d154eb62be6881a9a1231eb6ca446608f2dbbf1e209017c408f3e05888545
LibRaw-samples-debuginfo-0.21.1-2.el9_6.ppc64le.rpm	SHA-256: 5f8642800688d21b3da4bd7f14bd3188da77df438ab8dfa20bd7b628005bdfe1

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6

SRPM
LibRaw-0.21.1-2.el9_6.src.rpm	SHA-256: 5aa3a73f6aa43f98c45ab1bdcc684f2068d6d344f68041091a23ca75bcb3abbd
x86_64
LibRaw-0.21.1-2.el9_6.i686.rpm	SHA-256: f1a87d03a4b138c0c8e620f45b20d632e028cfd11136def550a92561281dfa28
LibRaw-0.21.1-2.el9_6.x86_64.rpm	SHA-256: e84017d570a2e3adbbd9b640b35065107c722d59a964a6501f0087702ce1b45b
LibRaw-debuginfo-0.21.1-2.el9_6.i686.rpm	SHA-256: ceddd7c609b368d2aba6bcd654dad20c2dd98bbd751786c97e006089216b53c0
LibRaw-debuginfo-0.21.1-2.el9_6.x86_64.rpm	SHA-256: e0e877e39a9e6e3aec931e6d81893b1b097105b5ec5f7c3f760a5ee58d4419c4
LibRaw-debugsource-0.21.1-2.el9_6.i686.rpm	SHA-256: 61595e6503165b8a686194fab9e22823deb5ed79046ecc0b1e8d272ba90eb546
LibRaw-debugsource-0.21.1-2.el9_6.x86_64.rpm	SHA-256: 2f301654588f5107ee54c146b031d0539daa79f7c95abddc7a653f4d68e71dd8
LibRaw-samples-debuginfo-0.21.1-2.el9_6.i686.rpm	SHA-256: f7847a43e586f0a82fede8af6fee20efacd6cd2e29b783f62672abdf3b07f2ff
LibRaw-samples-debuginfo-0.21.1-2.el9_6.x86_64.rpm	SHA-256: 609686489cb3ec48eb71736cb88f995af7e0d5929db39d6183d07557770590b2

Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.6

SRPM
x86_64
LibRaw-debuginfo-0.21.1-2.el9_6.i686.rpm	SHA-256: ceddd7c609b368d2aba6bcd654dad20c2dd98bbd751786c97e006089216b53c0
LibRaw-debuginfo-0.21.1-2.el9_6.x86_64.rpm	SHA-256: e0e877e39a9e6e3aec931e6d81893b1b097105b5ec5f7c3f760a5ee58d4419c4
LibRaw-debugsource-0.21.1-2.el9_6.i686.rpm	SHA-256: 61595e6503165b8a686194fab9e22823deb5ed79046ecc0b1e8d272ba90eb546
LibRaw-debugsource-0.21.1-2.el9_6.x86_64.rpm	SHA-256: 2f301654588f5107ee54c146b031d0539daa79f7c95abddc7a653f4d68e71dd8
LibRaw-devel-0.21.1-2.el9_6.i686.rpm	SHA-256: 9426b0413a46aafb06cfdfae2c7d21b80cbfa3c2e8ef4367d68359a72b6321bb
LibRaw-devel-0.21.1-2.el9_6.x86_64.rpm	SHA-256: ebf9f64efc9b3f7d8f9d8e5b5a0fb40d7b22ee5066d80f86a4bc7501f5474ee5
LibRaw-samples-debuginfo-0.21.1-2.el9_6.i686.rpm	SHA-256: f7847a43e586f0a82fede8af6fee20efacd6cd2e29b783f62672abdf3b07f2ff
LibRaw-samples-debuginfo-0.21.1-2.el9_6.x86_64.rpm	SHA-256: 609686489cb3ec48eb71736cb88f995af7e0d5929db39d6183d07557770590b2

Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.6

SRPM
ppc64le
LibRaw-debuginfo-0.21.1-2.el9_6.ppc64le.rpm	SHA-256: c9d8b04d19bbd37ddd38f7b1466af2e7220ad6727fec0bb8911071ae7d254155
LibRaw-debugsource-0.21.1-2.el9_6.ppc64le.rpm	SHA-256: 154d154eb62be6881a9a1231eb6ca446608f2dbbf1e209017c408f3e05888545
LibRaw-devel-0.21.1-2.el9_6.ppc64le.rpm	SHA-256: 8b3b70a988b0ebf64ccb1491b90896845bcf62447ec8d71855091a6f7c099fb5
LibRaw-samples-debuginfo-0.21.1-2.el9_6.ppc64le.rpm	SHA-256: 5f8642800688d21b3da4bd7f14bd3188da77df438ab8dfa20bd7b628005bdfe1

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6

SRPM
LibRaw-0.21.1-2.el9_6.src.rpm	SHA-256: 5aa3a73f6aa43f98c45ab1bdcc684f2068d6d344f68041091a23ca75bcb3abbd
aarch64
LibRaw-0.21.1-2.el9_6.aarch64.rpm	SHA-256: ea004e7229ea1696878402796b69a92f420c5c5748f5e2d8365b9cb502f666d4
LibRaw-debuginfo-0.21.1-2.el9_6.aarch64.rpm	SHA-256: a678d6171a86e4755b2ec36b5aa042ca5b83ca076052cec0a81957183e9f58cd
LibRaw-debugsource-0.21.1-2.el9_6.aarch64.rpm	SHA-256: 0f02769158f3548cfbbbc95849f147281570c909b13da9889a446af051235296
LibRaw-samples-debuginfo-0.21.1-2.el9_6.aarch64.rpm	SHA-256: 1ec4f47898594bc595e8caf010af647fb1c132feb8df6a52a5aae5c9d53e1de4

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6

SRPM
LibRaw-0.21.1-2.el9_6.src.rpm	SHA-256: 5aa3a73f6aa43f98c45ab1bdcc684f2068d6d344f68041091a23ca75bcb3abbd
s390x
LibRaw-0.21.1-2.el9_6.s390x.rpm	SHA-256: 803ee6355c3a4a968290dac28123db4a9f999358a34df2474964254c199be9a4
LibRaw-debuginfo-0.21.1-2.el9_6.s390x.rpm	SHA-256: 11ef8f992a037bced1f734e65895ad51a0c67df133d569743a0c304027e8453a
LibRaw-debugsource-0.21.1-2.el9_6.s390x.rpm	SHA-256: 86af249a94a0110d4e082c94ee0a993bf7a8e10ded1aded4277994d6bdb07280
LibRaw-samples-debuginfo-0.21.1-2.el9_6.s390x.rpm	SHA-256: e39075b969f9eea68292b5766cee18ef966328a2ca5c0f071e22a1cdd7af0646

Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6

SRPM
LibRaw-0.21.1-2.el9_6.src.rpm	SHA-256: 5aa3a73f6aa43f98c45ab1bdcc684f2068d6d344f68041091a23ca75bcb3abbd
x86_64
LibRaw-0.21.1-2.el9_6.i686.rpm	SHA-256: f1a87d03a4b138c0c8e620f45b20d632e028cfd11136def550a92561281dfa28
LibRaw-0.21.1-2.el9_6.x86_64.rpm	SHA-256: e84017d570a2e3adbbd9b640b35065107c722d59a964a6501f0087702ce1b45b
LibRaw-debuginfo-0.21.1-2.el9_6.i686.rpm	SHA-256: ceddd7c609b368d2aba6bcd654dad20c2dd98bbd751786c97e006089216b53c0
LibRaw-debuginfo-0.21.1-2.el9_6.x86_64.rpm	SHA-256: e0e877e39a9e6e3aec931e6d81893b1b097105b5ec5f7c3f760a5ee58d4419c4
LibRaw-debugsource-0.21.1-2.el9_6.i686.rpm	SHA-256: 61595e6503165b8a686194fab9e22823deb5ed79046ecc0b1e8d272ba90eb546
LibRaw-debugsource-0.21.1-2.el9_6.x86_64.rpm	SHA-256: 2f301654588f5107ee54c146b031d0539daa79f7c95abddc7a653f4d68e71dd8
LibRaw-samples-debuginfo-0.21.1-2.el9_6.i686.rpm	SHA-256: f7847a43e586f0a82fede8af6fee20efacd6cd2e29b783f62672abdf3b07f2ff
LibRaw-samples-debuginfo-0.21.1-2.el9_6.x86_64.rpm	SHA-256: 609686489cb3ec48eb71736cb88f995af7e0d5929db39d6183d07557770590b2

Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6

SRPM
LibRaw-0.21.1-2.el9_6.src.rpm	SHA-256: 5aa3a73f6aa43f98c45ab1bdcc684f2068d6d344f68041091a23ca75bcb3abbd
aarch64
LibRaw-0.21.1-2.el9_6.aarch64.rpm	SHA-256: ea004e7229ea1696878402796b69a92f420c5c5748f5e2d8365b9cb502f666d4
LibRaw-debuginfo-0.21.1-2.el9_6.aarch64.rpm	SHA-256: a678d6171a86e4755b2ec36b5aa042ca5b83ca076052cec0a81957183e9f58cd
LibRaw-debugsource-0.21.1-2.el9_6.aarch64.rpm	SHA-256: 0f02769158f3548cfbbbc95849f147281570c909b13da9889a446af051235296
LibRaw-samples-debuginfo-0.21.1-2.el9_6.aarch64.rpm	SHA-256: 1ec4f47898594bc595e8caf010af647fb1c132feb8df6a52a5aae5c9d53e1de4

Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6

SRPM
LibRaw-0.21.1-2.el9_6.src.rpm	SHA-256: 5aa3a73f6aa43f98c45ab1bdcc684f2068d6d344f68041091a23ca75bcb3abbd
ppc64le
LibRaw-0.21.1-2.el9_6.ppc64le.rpm	SHA-256: ccf65fa9f5b078b97ea5d1dee18f599d18826bba4840f8c634c470e753887b77
LibRaw-debuginfo-0.21.1-2.el9_6.ppc64le.rpm	SHA-256: c9d8b04d19bbd37ddd38f7b1466af2e7220ad6727fec0bb8911071ae7d254155
LibRaw-debugsource-0.21.1-2.el9_6.ppc64le.rpm	SHA-256: 154d154eb62be6881a9a1231eb6ca446608f2dbbf1e209017c408f3e05888545
LibRaw-samples-debuginfo-0.21.1-2.el9_6.ppc64le.rpm	SHA-256: 5f8642800688d21b3da4bd7f14bd3188da77df438ab8dfa20bd7b628005bdfe1

Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6

SRPM
LibRaw-0.21.1-2.el9_6.src.rpm	SHA-256: 5aa3a73f6aa43f98c45ab1bdcc684f2068d6d344f68041091a23ca75bcb3abbd
s390x
LibRaw-0.21.1-2.el9_6.s390x.rpm	SHA-256: 803ee6355c3a4a968290dac28123db4a9f999358a34df2474964254c199be9a4
LibRaw-debuginfo-0.21.1-2.el9_6.s390x.rpm	SHA-256: 11ef8f992a037bced1f734e65895ad51a0c67df133d569743a0c304027e8453a
LibRaw-debugsource-0.21.1-2.el9_6.s390x.rpm	SHA-256: 86af249a94a0110d4e082c94ee0a993bf7a8e10ded1aded4277994d6bdb07280
LibRaw-samples-debuginfo-0.21.1-2.el9_6.s390x.rpm	SHA-256: e39075b969f9eea68292b5766cee18ef966328a2ca5c0f071e22a1cdd7af0646

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation