SB2026043022 - Red Hat Enterprise Linux 8 update for fence-agents

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2026043022

SB2026043022 - Red Hat Enterprise Linux 8 update for fence-agents

Published: April 30, 2026

Security Bulletin ID SB2026043022
CSH Severity
Medium
Patch available
YES
Number of vulnerabilities 3
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Medium 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 3 secuirty vulnerabilities.


1) Insufficient verification of data authenticity (CVE-ID: CVE-2026-26007)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the public_key_from_numbers (or EllipticCurvePublicNumbers.public_key()), EllipticCurvePublicNumbers.public_key(), load_der_public_key() and load_pem_public_key() functions do not verify that the point belongs to the expected prime-order subgroup of the curve. A remote attacker can provide a public key point P from a small-order subgroup. This can lead to security issues in various situations, such as the most commonly used signature verification (ECDSA) and shared key negotiation (ECDH). When the victim computes the shared secret as S = [victim_private_key]P via ECDH, this leaks information about victim_private_key mod (small_subgroup_order). For curves with cofactor > 1, this reveals the least significant bits of the private key. When these weak public keys are used in ECDSA , it's easy to forge signatures on the small subgroup.


2) Insufficient verification of data authenticity (CVE-ID: CVE-2026-32597)

The vulnerability allows a remote attacker to bypass security policy enforcement.

The vulnerability exists due to insufficient verification of data authenticity in the PyJWT token header validation logic when processing JWS tokens with unknown critical header extensions. A remote attacker can send a specially crafted token to bypass security policy enforcement.

This can cause split-brain verification in mixed-library deployments, where other RFC-compliant libraries reject the same token.


3) Uncontrolled Recursion (CVE-ID: CVE-2026-30922)

The vulnerability allows a remote attacker to cause a denial of service.

The vulnerability exists due to uncontrolled recursion in the pyasn1 BER decoder when decoding deeply nested ASN.1 data with indefinite-length constructed types. A remote attacker can supply a specially crafted payload containing nested SEQUENCE or SET tags to cause a denial of service.

Services that parse untrusted ASN.1 data may terminate with a RecursionError or exhaust available memory.


Remediation

Install update from vendor's website.

References