Oracle Linux 9 NGINX Critical Arbitrary Code Execution Vuln ELSA-2026-19371

oracle

June 25, 2026

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

Summary

[1.24.0-7.1.0.1] - Reference oracle-indexhtml within Requires [Orabug: 33802044] - Remove Red Hat references [Orabug: 29498217] [1:1.24.0-7.1] - Resolves: RHEL-176234 - nginx:1.24/nginx: NGINX: Arbitrary Code Execution Vulnerability (CVE-2026-42945) [1:1.24.0-7] - Resolves: RHEL-157889 CVE-2026-32647 nginx:1.24/nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files - Resolves: RHEL-159448 CVE-2026-27651 nginx:1.24/nginx: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled - Resolves: RHEL-159561 CVE-2026-27654 nginx:1.24/nginx: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module - Resolves: RHEL-159540 CVE-2026-27784 nginx:1.24/nginx: NGINX: Denial of Service due to memory corruption via crafted MP4 file [1:1.24.0-6] - Resolves: RHEL-146529 - CVE-2026-1642 nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections [1:1.24.0-5] - Resolves...

Read the Full Advisory

Topics Covered

security advisory denial of service critical arbitrary code execution nginx Oracle

SRPMs

http://oss.oracle.com/ol9/SRPMS-updates/nginx-1.24.0-7.0.1.module+el9.8.0+90907+bb748438.1.src.rpm

x86_64

nginx-1.24.0-7.0.1.module+el9.8.0+90907+bb748438.1.x86_64.rpm nginx-all-modules-1.24.0-7.0.1.module+el9.8.0+90907+bb748438.1.noarch.rpm nginx-core-1.24.0-7.0.1.module+el9.8.0+90907+bb748438.1.x86_64.rpm nginx-filesystem-1.24.0-7.0.1.module+el9.8.0+90907+bb748438.1.noarch.rpm nginx-mod-devel-1.24.0-7.0.1.module+el9.8.0+90907+bb748438.1.x86_64.rpm nginx-mod-http-image-filter-1.24.0-7.0.1.module+el9.8.0+90907+bb748438.1.x86_64.rpm nginx-mod-http-perl-1.24.0-7.0.1.module+el9.8.0+90907+bb748438.1.x86_64.rpm nginx-mod-http-xslt-filter-1.24.0-7.0.1.module+el9.8.0+90907+bb748438.1.x86_64.rpm nginx-mod-mail-1.24.0-7.0.1.module+el9.8.0+90907+bb748438.1.x86_64.rpm nginx-mod-stream-1.24.0-7.0.1.module+el9.8.0+90907+bb748438.1.x86_64.rpm

aarch64

nginx-1.24.0-7.0.1.module+el9.8.0+90907+bb748438.1.aarch64.rpm nginx-all-modules-1.24.0-7.0.1.module+el9.8.0+90907+bb748438.1.noarch.rpm nginx-core-1.24.0-7.0.1.module+el9.8.0+90907+bb748438.1.aarch64.rpm nginx-filesystem-1.24.0-7.0.1.module+el9.8.0+90907+bb748438.1.noarch.rpm nginx-mod-devel-1.24.0-7.0.1.module+el9.8.0+90907+bb748438.1.aarch64.rpm nginx-mod-http-image-filter-1.24.0-7.0.1.module+el9.8.0+90907+bb748438.1.aarch64.rpm nginx-mod-http-perl-1.24.0-7.0.1.module+el9.8.0+90907+bb748438.1.aarch64.rpm nginx-mod-http-xslt-filter-1.24.0-7.0.1.module+el9.8.0+90907+bb748438.1.aarch64.rpm nginx-mod-mail-1.24.0-7.0.1.module+el9.8.0+90907+bb748438.1.aarch64.rpm nginx-mod-stream-1.24.0-7.0.1.module+el9.8.0+90907+bb748438.1.aarch64.rpm

Severity

critical

Lowest

Low

Medium

High

Critical

Related CVEs: CVE-2026-42945

Topics Covered

security advisory denial of service critical arbitrary code execution nginx Oracle

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Oracle Linux 9 NGINX Critical Arbitrary Code Execution Vuln ELSA-2026-19371

Summary

Topics Covered

SRPMs

x86_64

aarch64

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Oracle Linux 9 NGINX Critical Arbitrary Code Execution Vuln ELSA-2026-19371

Summary

Topics Covered

SRPMs

x86_64

aarch64

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!