Red Hat Resource Agents Security Flaw Allows Unauthorized Root Access

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.5

Red Hat Resource Agents Security Flaw Allows Unauthorized Root Access

RHSA-2026:2758

Summary

An update is available for Red Hat's resource-agents software, which fixes a security issue that could allow an attacker to gain root access to a system. This flaw is particularly concerning because it could be exploited remotely, allowing an attacker to take control of a system. Affected systems should be updated as soon as possible to prevent potential security risks.

What to do

Update redhat resource-agents to version 0:4.1.1-61.el7_9.23.
Update redhat resource-agents-aliyun to version 0:4.1.1-61.el7_9.23.
Update redhat resource-agents-debuginfo to version 0:4.1.1-61.el7_9.23.
Update redhat resource-agents-gcp to version 0:4.1.1-61.el7_9.23.
Update redhat resource-agents-sap to version 0:4.1.1-61.el7_9.23.
Update redhat resource-agents-sap-hana to version 0:4.1.1-61.el7_9.23.
Update redhat resource-agents-sap-hana-scaleout to version 0:0.164.0-6.el7_9.23.
Update redhat sap-cluster-connector to version 0:3.0.1-37.el7_9.23.

Affected software

Vendor	Product	Affected versions	Fix available
redhat	resource-agents	<= 0:4.1.1-61.el7_9.23	0:4.1.1-61.el7_9.23
redhat	resource-agents-aliyun	<= 0:4.1.1-61.el7_9.23	0:4.1.1-61.el7_9.23
redhat	resource-agents-debuginfo	<= 0:4.1.1-61.el7_9.23	0:4.1.1-61.el7_9.23
redhat	resource-agents-gcp	<= 0:4.1.1-61.el7_9.23	0:4.1.1-61.el7_9.23
redhat	resource-agents-sap	<= 0:4.1.1-61.el7_9.23	0:4.1.1-61.el7_9.23
redhat	resource-agents-sap-hana	<= 0:4.1.1-61.el7_9.23	0:4.1.1-61.el7_9.23
redhat	resource-agents-sap-hana-scaleout	<= 0:0.164.0-6.el7_9.23	0:0.164.0-6.el7_9.23
redhat	sap-cluster-connector	<= 0:3.0.1-37.el7_9.23	0:3.0.1-37.el7_9.23
redhat	resource-agents	<= 0:4.1.1-61.el7_9.23	0:4.1.1-61.el7_9.23
redhat	resource-agents-aliyun	<= 0:4.1.1-61.el7_9.23	0:4.1.1-61.el7_9.23
redhat	resource-agents-debuginfo	<= 0:4.1.1-61.el7_9.23	0:4.1.1-61.el7_9.23
redhat	resource-agents-gcp	<= 0:4.1.1-61.el7_9.23	0:4.1.1-61.el7_9.23
redhat	resource-agents-sap	<= 0:4.1.1-61.el7_9.23	0:4.1.1-61.el7_9.23
redhat	resource-agents-sap-hana	<= 0:4.1.1-61.el7_9.23	0:4.1.1-61.el7_9.23
redhat	resource-agents-sap-hana-scaleout	<= 0:0.164.0-6.el7_9.23	0:0.164.0-6.el7_9.23
redhat	sap-cluster-connector	<= 0:3.0.1-37.el7_9.23	0:3.0.1-37.el7_9.23
redhat	resource-agents	<= 0:4.1.1-61.el7_9.23	0:4.1.1-61.el7_9.23
redhat	resource-agents-aliyun	<= 0:4.1.1-61.el7_9.23	0:4.1.1-61.el7_9.23
redhat	resource-agents-debuginfo	<= 0:4.1.1-61.el7_9.23	0:4.1.1-61.el7_9.23
redhat	resource-agents-gcp	<= 0:4.1.1-61.el7_9.23	0:4.1.1-61.el7_9.23
redhat	resource-agents-sap	<= 0:4.1.1-61.el7_9.23	0:4.1.1-61.el7_9.23
redhat	resource-agents-sap-hana	<= 0:4.1.1-61.el7_9.23	0:4.1.1-61.el7_9.23
redhat	resource-agents-sap-hana-scaleout	<= 0:0.164.0-6.el7_9.23	0:0.164.0-6.el7_9.23
redhat	sap-cluster-connector	<= 0:3.0.1-37.el7_9.23	0:3.0.1-37.el7_9.23

Original title

Red Hat Security Advisory: resource-agents security update

osv CVSS3.1 7.5

https://access.redhat.com/errata/RHSA-2026:2758 Vendor Advisory
https://access.redhat.com/security/updates/classification/#important Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2430472 Third Party Advisory
https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2758.j... Vendor Advisory
https://access.redhat.com/security/cve/CVE-2026-23490 Third Party Advisory
https://www.cve.org/CVERecord?id=CVE-2026-23490 Vendor Advisory
https://nvd.nist.gov/vuln/detail/CVE-2026-23490 Vendor Advisory
https://github.com/pyasn1/pyasn1/commit/3908f144229eed4df24bd569d16e5991ace44970 Third Party Advisory
https://github.com/pyasn1/pyasn1/releases/tag/v0.6.2 Third Party Advisory
https://github.com/pyasn1/pyasn1/security/advisories/GHSA-63vm-454h-vhhq Third Party Advisory

Published: 17 Feb 2026 · Updated: 13 Mar 2026 · First seen: 10 Mar 2026