Alerts This Week
Warning Icon 1 1,003
Alerts This Week
Warning Icon 1 1,003

Oracle Linux 9 nginx Critical CVE-2026-42945 Arbitrary Code Execution

oracle
Calendar Grey May 20, 2026
Oracle Linux Logo Esm H88
Oracle Linux advisory ELSA-2026-18029 tackles critical vulnerabilities affecting nginx security, ensuring system integrity and safety
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

Summary

[2:1.20.1-24.0.1.el9_7.3] - Reference oracle-indexhtml within Requires [Orabug: 33802044] - Remove Red Hat references [Orabug: 29498217] - Update upstream references [Orabug: 36579090] [2:1.20.1-24.3] - Resolves: RHEL-176230 - nginx: NGINX: Arbitrary Code Execution Vulnerability (CVE-2026-42945) [2:1.20.1-24.2] - Resolves: RHEL-159557 - CVE-2026-27654 nginx: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module - Resolves: RHEL-159536 - CVE-2026-27784 nginx: NGINX: Denial of Service due to memory corruption via crafted MP4 file - Resolves: RHEL-159444 - CVE-2026-27651 nginx: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled - Resolves: RHEL-157885 - CVE-2026-32647 nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files [2:1.20.1-24.1] - Resolves: RHEL-146525 - nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections (CVE-2026-1642)

Topics%20covered

Topics Covered

security advisory denial of service arbitrary code execution important nginx Oracle Linux

SRPMs

http://oss.oracle.com/ol9/SRPMS-updates/nginx-1.20.1-24.0.1.el9_7.3.src.rpm

x86_64

nginx-1.20.1-24.0.1.el9_7.3.x86_64.rpm nginx-all-modules-1.20.1-24.0.1.el9_7.3.noarch.rpm nginx-core-1.20.1-24.0.1.el9_7.3.x86_64.rpm nginx-filesystem-1.20.1-24.0.1.el9_7.3.noarch.rpm nginx-mod-devel-1.20.1-24.0.1.el9_7.3.x86_64.rpm nginx-mod-http-image-filter-1.20.1-24.0.1.el9_7.3.x86_64.rpm nginx-mod-http-perl-1.20.1-24.0.1.el9_7.3.x86_64.rpm nginx-mod-http-xslt-filter-1.20.1-24.0.1.el9_7.3.x86_64.rpm nginx-mod-mail-1.20.1-24.0.1.el9_7.3.x86_64.rpm nginx-mod-stream-1.20.1-24.0.1.el9_7.3.x86_64.rpm

aarch64

nginx-1.20.1-24.0.1.el9_7.3.aarch64.rpm nginx-all-modules-1.20.1-24.0.1.el9_7.3.noarch.rpm nginx-core-1.20.1-24.0.1.el9_7.3.aarch64.rpm nginx-filesystem-1.20.1-24.0.1.el9_7.3.noarch.rpm nginx-mod-devel-1.20.1-24.0.1.el9_7.3.aarch64.rpm nginx-mod-http-image-filter-1.20.1-24.0.1.el9_7.3.aarch64.rpm nginx-mod-http-perl-1.20.1-24.0.1.el9_7.3.aarch64.rpm nginx-mod-http-xslt-filter-1.20.1-24.0.1.el9_7.3.aarch64.rpm nginx-mod-mail-1.20.1-24.0.1.el9_7.3.aarch64.rpm nginx-mod-stream-1.20.1-24.0.1.el9_7.3.aarch64.rpm

Severity
critical
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2026-42945

Topics%20covered

Topics Covered

security advisory denial of service arbitrary code execution important nginx Oracle Linux

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here