Red Hat Enterprise Linux Flaws in pcs and go-jose Enable Denial of Service
dCERT issued advisories for two Red Hat Enterprise Linux components, warning that vulnerabilities in pcs and go-jose could be exploited to cause denial-of-service conditions. Advisory 2026-1092 covers the pcs package, while advisory 2026-1245 addresses go-jose, indicating that separate weaknesses in commonly deployed RHEL software may allow attackers to disrupt service availability.
The notices provide limited public technical detail, but they identify both issues as affecting Red Hat Enterprise Linux environments and potentially impacting system stability or application availability. Organizations running RHEL systems that rely on clustering functionality through pcs or authentication and cryptographic operations through go-jose should review the relevant vendor advisories and apply available updates or mitigations to reduce exposure to service disruption.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
2 events from the most recent confirmed update back to the earliest known activity.
dCERT publishes RHEL go-jose denial-of-service advisory 2026-1245
dCERT published advisory 2026-1245 for Red Hat Enterprise Linux involving the go-jose component, stating that the vulnerability could allow denial of service.
dCERT publishes RHEL pcs denial-of-service advisory 2026-1092
dCERT published advisory 2026-1092 for Red Hat Enterprise Linux involving the pcs component, stating that the vulnerability could allow denial of service.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
2 references tracked. Mallory keeps watching after this page renders.
See the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Red Hat Enterprise Linux Packages Patched for urllib3 and Python Protobuf DoS Flaws
Red Hat Enterprise Linux users were alerted to multiple package-level vulnerabilities that can cause denial of service, affecting both **`urllib3`** and **Python Protobuf** components distributed for the platform. One advisory reported multiple flaws in **`urllib3`** that could be abused to disrupt application availability, while a separate advisory identified a denial-of-service vulnerability in **Python Protobuf**. The notices indicate that the impact is centered on service interruption rather than code execution, but the affected libraries are widely used in Python-based applications and backend services on Red Hat Enterprise Linux systems. Organizations running exposed or business-critical workloads that depend on these packages should prioritize reviewing installed versions, applying Red Hat-provided updates, and validating that dependent applications remain stable after remediation.
Mar 27, 2026
Denial-of-Service Flaws Disclosed in Golang Go and Go `sys` Components
German CERT advisories disclosed denial-of-service vulnerabilities affecting **Golang Go** and the **Go `sys`** component. The notices identify two separate issues, tracked as dCERT advisories `2025-2420` and `2026-1635`, with both describing flaws that could allow an attacker to disrupt availability rather than achieve code execution or privilege escalation. The advisories provide limited public detail, but the impact is clear: organizations using affected Go runtimes or the `golang.org/x/sys` package should review vendor guidance, identify exposed services and dependent applications, and prioritize updates or mitigations to reduce the risk of service interruption. The disclosures highlight continued availability risk in widely used Go software components that may be embedded across internal tools, cloud services, and third-party products.
May 26, 2026
Red Hat Linux Kernel Vulnerabilities Prompt Broad Update Advisory
The Canadian Centre for Cyber Security issued two notices warning that Red Hat had published multiple security advisories for vulnerabilities affecting several products, with a particular focus on **Linux kernel** updates. The affected offerings include **Red Hat CodeReady Linux Builder**, **Red Hat Enterprise Linux**, **Red Hat Enterprise Linux Server**, and **Red Hat Enterprise Linux for Real Time** across multiple versions and platforms. The first notice, `AV26-318`, covered Red Hat advisories released between March 30 and April 5, while the second, `AV26-341`, covered advisories published between April 6 and 12. In both cases, the Cyber Centre urged users and administrators to review the referenced Red Hat advisories and apply the necessary updates to address the disclosed vulnerabilities.
May 11, 2026