RHSA-2026:2711

Description

Red Hat Security Advisory: Red Hat Ceph Storage 8.1 security and bug fix update

CVSS Metrics

• v3.1•HIGH•Score: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Systems

• redhat•ceph

  < 2:19.2.1-331.el9cp

• redhat•ceph-base

  < 2:19.2.1-331.el9cp

• redhat•ceph-base-debuginfo

  < 2:19.2.1-331.el9cp

• redhat•ceph-common

  < 2:19.2.1-331.el9cp

• redhat•ceph-common-debuginfo

  < 2:19.2.1-331.el9cp

• redhat•ceph-debuginfo

  < 2:19.2.1-331.el9cp

• redhat•ceph-debugsource

  < 2:19.2.1-331.el9cp

• redhat•ceph-exporter

  < 2:19.2.1-331.el9cp

• redhat•ceph-exporter-debuginfo

  < 2:19.2.1-331.el9cp

• redhat•ceph-fuse

  < 2:19.2.1-331.el9cp

• redhat•ceph-fuse-debuginfo

  < 2:19.2.1-331.el9cp

• redhat•ceph-grafana-dashboards

  < 2:19.2.1-331.el9cp

• redhat•ceph-immutable-object-cache

  < 2:19.2.1-331.el9cp

• redhat•ceph-immutable-object-cache-debuginfo

  < 2:19.2.1-331.el9cp

• redhat•ceph-mds

  < 2:19.2.1-331.el9cp

• redhat•ceph-mds-debuginfo

  < 2:19.2.1-331.el9cp

• redhat•ceph-mgr

  < 2:19.2.1-331.el9cp

• redhat•ceph-mgr-callhome

  < 2:19.2.1-331.el9cp

• redhat•ceph-mgr-cephadm

  < 2:19.2.1-331.el9cp

• redhat•ceph-mgr-dashboard

  < 2:19.2.1-331.el9cp

• redhat•ceph-mgr-debuginfo

  < 2:19.2.1-331.el9cp

• redhat•ceph-mgr-diskprediction-local

  < 2:19.2.1-331.el9cp

• redhat•ceph-mgr-k8sevents

  < 2:19.2.1-331.el9cp

• redhat•ceph-mgr-modules-core

  < 2:19.2.1-331.el9cp

• redhat•ceph-mgr-rook

  < 2:19.2.1-331.el9cp

• redhat•ceph-mib

  < 2:19.2.1-331.el9cp

• redhat•ceph-mon

  < 2:19.2.1-331.el9cp

• redhat•ceph-mon-client-nvmeof

  < 2:19.2.1-331.el9cp

• redhat•ceph-mon-client-nvmeof-debuginfo

  < 2:19.2.1-331.el9cp

• redhat•ceph-mon-debuginfo

  < 2:19.2.1-331.el9cp

• redhat•ceph-node-proxy

  < 2:19.2.1-331.el9cp

• redhat•ceph-osd

  < 2:19.2.1-331.el9cp

• redhat•ceph-osd-debuginfo

  < 2:19.2.1-331.el9cp

• redhat•ceph-prometheus-alerts

  < 2:19.2.1-331.el9cp

• redhat•ceph-radosgw

  < 2:19.2.1-331.el9cp

• redhat•ceph-radosgw-debuginfo

  < 2:19.2.1-331.el9cp

• redhat•ceph-resource-agents

  < 2:19.2.1-331.el9cp

• redhat•ceph-selinux

  < 2:19.2.1-331.el9cp

• redhat•ceph-test

  < 2:19.2.1-331.el9cp

• redhat•ceph-test-debuginfo

  < 2:19.2.1-331.el9cp

• redhat•ceph-volume

  < 2:19.2.1-331.el9cp

• redhat•cephadm

  < 2:19.2.1-331.el9cp

• redhat•cephfs-mirror

  < 2:19.2.1-331.el9cp

• redhat•cephfs-mirror-debuginfo

  < 2:19.2.1-331.el9cp

• redhat•cephfs-shell

  < 2:19.2.1-331.el9cp

• redhat•cephfs-top

  < 2:19.2.1-331.el9cp

• redhat•libcephfs-daemon

  < 2:19.2.1-331.el9cp

• redhat•libcephfs-daemon-debuginfo

  < 2:19.2.1-331.el9cp

• redhat•libcephfs-devel

  < 2:19.2.1-331.el9cp

• redhat•libcephfs-proxy2

  < 2:19.2.1-331.el9cp

Showing first 50 affected entries in server-rendered view.

References (54)

• https://access.redhat.com/errata/RHSA-2026:2711
• https://access.redhat.com/security/updates/classification/#important
• https://bugzilla.redhat.com/show_bug.cgi?id=2112230
• https://bugzilla.redhat.com/show_bug.cgi?id=2151848
• https://bugzilla.redhat.com/show_bug.cgi?id=2250568
• https://bugzilla.redhat.com/show_bug.cgi?id=2320312
• https://bugzilla.redhat.com/show_bug.cgi?id=2325394
• https://bugzilla.redhat.com/show_bug.cgi?id=2356539
• https://bugzilla.redhat.com/show_bug.cgi?id=2389907
• https://bugzilla.redhat.com/show_bug.cgi?id=2389970
• https://bugzilla.redhat.com/show_bug.cgi?id=2406674
• https://bugzilla.redhat.com/show_bug.cgi?id=2407258
• https://bugzilla.redhat.com/show_bug.cgi?id=2411968
• https://bugzilla.redhat.com/show_bug.cgi?id=2412473
• https://bugzilla.redhat.com/show_bug.cgi?id=2413969
• https://bugzilla.redhat.com/show_bug.cgi?id=2414843
• https://bugzilla.redhat.com/show_bug.cgi?id=2415380
• https://bugzilla.redhat.com/show_bug.cgi?id=2415838
• https://bugzilla.redhat.com/show_bug.cgi?id=2416558
• https://bugzilla.redhat.com/show_bug.cgi?id=2416559
• https://bugzilla.redhat.com/show_bug.cgi?id=2416777
• https://bugzilla.redhat.com/show_bug.cgi?id=2416987
• https://bugzilla.redhat.com/show_bug.cgi?id=2417015
• https://bugzilla.redhat.com/show_bug.cgi?id=2417688
• https://bugzilla.redhat.com/show_bug.cgi?id=2421434
• https://bugzilla.redhat.com/show_bug.cgi?id=2421706
• https://bugzilla.redhat.com/show_bug.cgi?id=2421743
• https://bugzilla.redhat.com/show_bug.cgi?id=2423404
• https://bugzilla.redhat.com/show_bug.cgi?id=2424278
• https://bugzilla.redhat.com/show_bug.cgi?id=2427566
• https://bugzilla.redhat.com/show_bug.cgi?id=2431960
• https://bugzilla.redhat.com/show_bug.cgi?id=2432068
• https://bugzilla.redhat.com/show_bug.cgi?id=2432370
• https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2711.json
• https://access.redhat.com/security/cve/CVE-2019-10790
• https://www.cve.org/CVERecord?id=CVE-2019-10790
• https://nvd.nist.gov/vuln/detail/CVE-2019-10790
• https://security.snyk.io/vuln/SNYK-JS-TAFFYDB-2992450
• https://snyk.io/vuln/SNYK-JS-TAFFY-546521
• https://www.usenix.org/system/files/sec21-xiao.pdf
• https://access.redhat.com/security/cve/CVE-2022-34749
• https://www.cve.org/CVERecord?id=CVE-2022-34749
• https://nvd.nist.gov/vuln/detail/CVE-2022-34749
• https://github.com/lepture/mistune/commit/a6d43215132fe4f3d93f8d7e90ba83b16a0838b2
• https://access.redhat.com/security/cve/CVE-2024-31884
• https://www.cve.org/CVERecord?id=CVE-2024-31884
• https://nvd.nist.gov/vuln/detail/CVE-2024-31884
• https://access.redhat.com/security/cve/CVE-2025-58183
• https://www.cve.org/CVERecord?id=CVE-2025-58183
• https://nvd.nist.gov/vuln/detail/CVE-2025-58183
• https://go.dev/cl/709861
• https://go.dev/issue/75677
• https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI
• https://pkg.go.dev/vuln/GO-2025-4014