Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

Ubuntu 25.10 nginx Important Denial of Service Vulnerabilities USN-8210-1

ubuntu
Calendar Grey April 27, 2026
Dist Ubuntu Esm H88
Several security issues in nginx affect Ubuntu. Immediate updates are essential to avoid denial of service risks.
Several security issues were fixed in nginx.

Summary

Several security issues were fixed in nginx.

Software Description:

- nginx: small, powerful, scalable web/proxy server

Details:

It was discovered that the nginx ngx_mail_auth_http_module module

incorrectly handled certain requests. An attacker could possibly use this

issue to cause nginx to crash, resulting in a denial of service.

(CVE-2026-27651)

It was discovered that the nginx ngx_http_dav_module module incorrectly

handled certain destination URIs. An attacker could use this issue to cause

nginx to crash, resulting in a denial of service, or possibly modify source

or destination names outside of the document root. (CVE-2026-27654)

It was discovered that the nginx ngx_http_mp4_module module incorrectly

handled certain MP4 files. An attacker could use this issue to cause nginx

to crash, resulting in a denial of service, or possibly execute arbitrary

code. (CVE-2026-27784, CVE-2026-32647)

It was discovered that the nginx ngx_mail_smtp_module module incorrectly

handled certain...

Read the Full Advisory

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
  nginx                           1.28.0-6ubuntu1.2
  nginx-core                      1.28.0-6ubuntu1.2
  nginx-extras                    1.28.0-6ubuntu1.2
  nginx-full                      1.28.0-6ubuntu1.2
  nginx-light                     1.28.0-6ubuntu1.2

Ubuntu 24.04 LTS
  nginx                           1.24.0-2ubuntu7.7
  nginx-core                      1.24.0-2ubuntu7.7
  nginx-extras                    1.24.0-2ubuntu7.7
  nginx-full                      1.24.0-2ubuntu7.7
  nginx-light                     1.24.0-2ubuntu7.7

Ubuntu 22.04 LTS
  nginx                           1.18.0-6ubuntu14.10
  nginx-core                      1.18.0-6ubuntu14.10
  nginx-extras                    1.18.0-6ubuntu14.10
  nginx-full                      1.18.0-6ubuntu14.10
  nginx-light                     1.18.0-6ubuntu14.10

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8210-1

CVE-2026-27651, CVE-2026-27654, CVE-2026-27784, CVE-2026-28753,

CVE-2026-28755, CVE-2026-32647

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8210-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here