Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 584
Alerts This Week
Warning Icon 1 584

Rocky Linux Nginx Key Vulnerability Denial of Service Alert RLSA-2026-28212

rocky
Calendar Grey June 24, 2026
Scroller Rockylinux
Nginx security fix available for Rocky Linux 9 addresses important vulnerabilities leading to denial of service and code execution.
Important: nginx:1.24 security update

Summary

An update is available for nginx, module.nginx. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list


RPMs

nginx-1:1.24.0-7.module+el9.8.0+40193+7b2d11e4.1.rocky.0.1.aarch64.rpm

nginx-1:1.24.0-7.module+el9.8.0+40193+7b2d11e4.1.rocky.0.1.ppc64le.rpm

nginx-1:1.24.0-7.module+el9.8.0+40193+7b2d11e4.1.rocky.0.1.s390x.rpm

nginx-1:1.24.0-7.module+el9.8.0+40193+7b2d11e4.1.rocky.0.1.src.rpm

nginx-1:1.24.0-7.module+el9.8.0+40193+7b2d11e4.1.rocky.0.1.x86_64.rpm

nginx-all-modules-1:1.24.0-7.module+el9.8.0+40193+7b2d11e4.1.rocky.0.1.noarch.rpm

nginx-core-1:1.24.0-7.module+el9.8.0+40193+7b2d11e4.1.rocky.0.1.aarch64.rpm

nginx-core-1:1.24.0-7.module+el9.8.0+40193+7b2d11e4.1.rocky.0.1.ppc64le.rpm

nginx-core-1:1.24.0-7.module+el9.8.0+40193+7b2d11e4.1.rocky.0.1.s390x.rpm

nginx-core-1:1.24.0-7.module+el9.8.0+40193+7b2d11e4.1.rocky.0.1.x86_64.rpm

nginx-core-debuginfo-1:1.24.0-7.module+el9.8.0+40193+7b2d11e4.1.rocky.0.1.aarch64.rpm

nginx-core-debuginfo-1:1.24.0-7.module+el9.8.0+40193+7b2d11e4.1.rocky.0.1.ppc64le.rpm

nginx-core-debuginfo-1:1.24.0-7.module+el9.8.0+40193+7b2d11e4.1.rocky.0.1.s390x.rpm

Read the Full Advisory

References

No references

CVES

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9256

Severity
important
Lowest
Low
Medium
High
Critical

Name: RLSA-2026:28212
Affected Products: Rocky Linux 9

Fixes

https://bugzilla.redhat.com/show_bug.cgi?id=2480746


Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.