Privilege escalation via incorrect Punycode label processing
Summary
Privilege escalation via incorrect Punycode label processing. Red Hat rates this important (CVSS 8.2). Weakness: CWE-1289. Affected package(s): rhacm2/observatorium-rhel9:1782157471, rhacm2/prometheus-alertmanager-rhel9:1782156920, cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9:1782840519, rhacm2/thanos-rhel9:1782465412, rhacm2/grafana-dashboard-loader-rhel9:1782383255, rhacm2/acm-prometheus-config-reloader-rhel9:1782157632. Resolved in Red Hat advisory RHSA-2026:35830 — update the affected packages (`sudo dnf update`).
- rhacm2/observatorium-rhel9:1782157471
- rhacm2/prometheus-alertmanager-rhel9:1782156920
- cluster-observability-operator/distributed-tracing-console-plugin-pf4-rhel9:1782840519
- rhacm2/thanos-rhel9:1782465412
- rhacm2/grafana-dashboard-loader-rhel9:1782383255
- rhacm2/acm-prometheus-config-reloader-rhel9:1782157632
- rhacm2/prometheus-rhel9:1782374537
- rhelai3/bootc-azure-rocm-rhel9:1782754093
- rhelai3/bootc-gcp-cuda-rhel9:1782758409
- grafana-pcp-0:5.1.1-17.el9_8
- grafana-0:10.2.6-27.el10_2
- git-lfs-0:3.4.1-11.el8_10
Official advisory · high-confidence parse· fetched 1 day ago·verify at source
- RHSA-2026:35830
Official advisory · high-confidence parse· fetched 1 day ago·verify at source
Mitigation checklist
- Update the affected package(s) to the fixed version shipped in RHSA-2026:35830 (`sudo dnf update` / `yum update`).
Official advisory · high-confidence parse· fetched 1 day ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.