Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 603
Alerts This Week
Warning Icon 1 603

Rocky Linux 10 nghttp2 DoS Vulnerability CVE-2026-27135 RLSA-2026-7666

rocky
Calendar Grey April 15, 2026
Rockylinux Esm H88
An important nghttp2 security update for Rocky Linux 10 addresses a denial of service issue with malformed HTTP/2 frames.
Important: nghttp2 security update

Summary

An update is available for nghttp2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list


RPMs

nghttp2-0:1.64.0-2.el10_1.1.aarch64.rpm

nghttp2-0:1.64.0-2.el10_1.1.src.rpm

libnghttp2-0:1.64.0-2.el10_1.1.ppc64le.rpm

nghttp2-0:1.64.0-2.el10_1.1.x86_64.rpm

libnghttp2-debuginfo-0:1.64.0-2.el10_1.1.aarch64.rpm

nghttp2-debugsource-0:1.64.0-2.el10_1.1.s390x.rpm

libnghttp2-0:1.64.0-2.el10_1.1.x86_64.rpm

nghttp2-debuginfo-0:1.64.0-2.el10_1.1.x86_64.rpm

nghttp2-debugsource-0:1.64.0-2.el10_1.1.x86_64.rpm

nghttp2-debuginfo-0:1.64.0-2.el10_1.1.s390x.rpm

nghttp2-debugsource-0:1.64.0-2.el10_1.1.aarch64.rpm

libnghttp2-debuginfo-0:1.64.0-2.el10_1.1.s390x.rpm

nghttp2-0:1.64.0-2.el10_1.1.s390x.rpm

nghttp2-debugsource-0:1.64.0-2.el10_1.1.ppc64le.rpm

libnghttp2-0:1.64.0-2.el10_1.1.aarch64.rpm

libnghttp2-debuginfo-0:1.64.0-2.el10_1.1.x86_64.rpm

nghttp2-0:1.64.0-2.el10_1.1.ppc64le.rpm

nghttp2-debuginfo-0:1.64.0-2.el10_1.1.ppc64le.rpm

libnghttp2-devel-0:1.64.0-2.el10_1.1.x86_64.rpm

libnghttp2-devel-0:1.64.0-2.el10_1.1.s390x.rpm

nghttp2-debuginfo-0:1.64.0-2.el10_1.1.aarch64.rpm

Read the Full Advisory

References

No references

CVES

https://www.cve.org/CVERecord?id=CVE-2026-27135

Severity
important

Name: RLSA-2026:7666
Affected Products: Rocky Linux 10

Fixes

https://bugzilla.redhat.com/show_bug.cgi?id=2448754


Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.