Alerts This Week
Warning Icon 1 1,053
Alerts This Week
Warning Icon 1 1,053

Oracle Linux 8 nginx Important Code Execution Vuln ELSA-2026-28921

oracle
Calendar Grey June 24, 2026
Oracle Linux Logo Esm H88
Important security advisory for Oracle Linux 8 addressing denial of service and code execution in nginx.
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

Summary

[1.24.0-3.0.1.2] - Remove Red Hat references [Orabug: 29498217] [1:1.24.0-3.2] - Resolves: RHEL-178676 - nginx:1.24/nginx: code execution and denial of service (CVE-2026-9256) - Resolves: RHEL-182543 - nginx: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack [1:1.24.0-3.1] - Resolves: RHEL-176224 - nginx:1.24/nginx: NGINX: Arbitrary Code Execution Vulnerability (CVE-2026-42945) [1:1.24.0-3] - Resolves: RHEL-157877 CVE-2026-32647 nginx:1.24/nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files - Resolves: RHEL-159436 CVE-2026-27651 nginx:1.24/nginx: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled - Resolves: RHEL-159549 CVE-2026-27654 nginx:1.24/nginx: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module - Resolves: RHEL-159528 CVE-2026-27784 nginx:1.24/nginx: NGINX: Denial of Service due to memory corruption via crafted MP4 file ...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory denial of service code execution important nginx Oracle

SRPMs

http://oss.oracle.com/ol8/SRPMS-updates/nginx-1.24.0-3.0.1.module+el8.10.0+90930+6a64aa8a.2.src.rpm

x86_64

nginx-1.24.0-3.0.1.module+el8.10.0+90930+6a64aa8a.2.x86_64.rpm nginx-all-modules-1.24.0-3.0.1.module+el8.10.0+90930+6a64aa8a.2.noarch.rpm nginx-filesystem-1.24.0-3.0.1.module+el8.10.0+90930+6a64aa8a.2.noarch.rpm nginx-mod-devel-1.24.0-3.0.1.module+el8.10.0+90930+6a64aa8a.2.x86_64.rpm nginx-mod-http-image-filter-1.24.0-3.0.1.module+el8.10.0+90930+6a64aa8a.2.x86_64.rpm nginx-mod-http-perl-1.24.0-3.0.1.module+el8.10.0+90930+6a64aa8a.2.x86_64.rpm nginx-mod-http-xslt-filter-1.24.0-3.0.1.module+el8.10.0+90930+6a64aa8a.2.x86_64.rpm nginx-mod-mail-1.24.0-3.0.1.module+el8.10.0+90930+6a64aa8a.2.x86_64.rpm nginx-mod-stream-1.24.0-3.0.1.module+el8.10.0+90930+6a64aa8a.2.x86_64.rpm

aarch64

nginx-1.24.0-3.0.1.module+el8.10.0+90930+6a64aa8a.2.aarch64.rpm nginx-all-modules-1.24.0-3.0.1.module+el8.10.0+90930+6a64aa8a.2.noarch.rpm nginx-filesystem-1.24.0-3.0.1.module+el8.10.0+90930+6a64aa8a.2.noarch.rpm nginx-mod-devel-1.24.0-3.0.1.module+el8.10.0+90930+6a64aa8a.2.aarch64.rpm nginx-mod-http-image-filter-1.24.0-3.0.1.module+el8.10.0+90930+6a64aa8a.2.aarch64.rpm nginx-mod-http-perl-1.24.0-3.0.1.module+el8.10.0+90930+6a64aa8a.2.aarch64.rpm nginx-mod-http-xslt-filter-1.24.0-3.0.1.module+el8.10.0+90930+6a64aa8a.2.aarch64.rpm nginx-mod-mail-1.24.0-3.0.1.module+el8.10.0+90930+6a64aa8a.2.aarch64.rpm nginx-mod-stream-1.24.0-3.0.1.module+el8.10.0+90930+6a64aa8a.2.aarch64.rpm

Severity
important
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2026-9256

Topics%20covered

Topics Covered

security advisory denial of service code execution important nginx Oracle

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here