Alerts This Week
Warning Icon 1 401
Alerts This Week
Warning Icon 1 401

Oracle Linux 9 nghttp2 Significant Denial of Service Patch ELSA-2026-7669

oracle
Calendar Grey April 13, 2026
Oracle Linux Logo Esm H88
Updated Oracle Linux rpms focus on important fixes for nghttp2 including denial of service vulnerabilities.
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

Summary

[1.43.0-6.1] - fix Denial of service: Assertion failure due to the missing state validation (CVE-2026-27135)

SRPMs

http://oss.oracle.com/ol9/SRPMS-updates/nghttp2-1.43.0-6.el9_7.1.src.rpm

x86_64

libnghttp2-1.43.0-6.el9_7.1.i686.rpm libnghttp2-1.43.0-6.el9_7.1.x86_64.rpm libnghttp2-devel-1.43.0-6.el9_7.1.i686.rpm libnghttp2-devel-1.43.0-6.el9_7.1.x86_64.rpm nghttp2-1.43.0-6.el9_7.1.x86_64.rpm

aarch64

libnghttp2-1.43.0-6.el9_7.1.aarch64.rpm libnghttp2-devel-1.43.0-6.el9_7.1.aarch64.rpm nghttp2-1.43.0-6.el9_7.1.aarch64.rpm

Severity
important
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2026-27135

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here