Ubuntu Nginx Important Denial of Service Issues USN-8375-1
ubuntu
June 3, 2026
Several security issues were fixed in nginx.
Summary
Several security issues were fixed in nginx.
Software Description:
- nginx: small, powerful, scalable web/proxy server
Details:
It was discovered that the nginx ngx_mail_smtp_module module incorrectly
handled certain memory operations when doing SMTP authentication. This
could possibly result in sensitive information being sent to the
authentication server. (CVE-2025-53859)
It was discovered that nginx incorrectly handled proxying to upstream TLS
servers. An attacker could possibly use this issue to insert plain text
data into the response from an upstream proxied server. (CVE-2026-1642)
It was discovered that the nginx ngx_mail_auth_http_module module
incorrectly handled certain requests. An attacker could possibly use this
issue to cause nginx to crash, resulting in a denial of service.
(CVE-2026-27651)
It was discovered that the nginx ngx_http_dav_module module incorrectly
handled certain destination URIs. An attacker could use this issue to cause
nginx to crash, resulting...
Topics Covered
Update Instructions
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
libnginx-mod-http-headers-more-filter 1.18.0-0ubuntu1.7+esm1
Available with Ubuntu Pro
libnginx-mod-http-lua 1.18.0-0ubuntu1.7+esm1
Available with Ubuntu Pro
libnginx-mod-mail 1.18.0-0ubuntu1.7+esm1
Available with Ubuntu Pro
libnginx-mod-nchan 1.18.0-0ubuntu1.7+esm1
Available with Ubuntu Pro
libnginx-mod-rtmp 1.18.0-0ubuntu1.7+esm1
Available with Ubuntu Pro
nginx 1.18.0-0ubuntu1.7+esm1
Available with Ubuntu Pro
nginx-core 1.18.0-0ubuntu1.7+esm1
Available with Ubuntu Pro
nginx-extras 1.18.0-0ubuntu1.7+esm1
Available with Ubuntu Pro
nginx-full 1.18.0-0ubuntu1.7+esm1
Available with Ubuntu Pro
nginx-light 1.18.0-0ubuntu1.7+esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
libnginx-mod-http-auth-pam 1.14.0-0ubuntu1.11+esm2
Available with Ubuntu Pro
libnginx-mod-http-cache-purge 1.14.0-0ubuntu1.11+esm2
Available with Ubuntu Pro
libnginx-mod-http-dav-ext 1.14.0-0ubuntu1.11+esm2
Available with Ubuntu Pro
libnginx-mod-http-echo 1.14.0-0ubuntu1.11+esm2
Available with Ubuntu Pro
libnginx-mod-http-fancyindex 1.14.0-0ubuntu1.11+esm2
Available with Ubuntu Pro
libnginx-mod-http-geoip 1.14.0-0ubuntu1.11+esm2
Available with Ubuntu Pro
libnginx-mod-http-headers-more-filter 1.14.0-0ubuntu1.11+esm2
Available with Ubuntu Pro
libnginx-mod-http-image-filter 1.14.0-0ubuntu1.11+esm2
Available with Ubuntu Pro
libnginx-mod-http-lua 1.14.0-0ubuntu1.11+esm2
Available with Ubuntu Pro
libnginx-mod-http-ndk 1.14.0-0ubuntu1.11+esm2
Available with Ubuntu Pro
libnginx-mod-http-perl 1.14.0-0ubuntu1.11+esm2
Available with Ubuntu Pro
libnginx-mod-http-subs-filter 1.14.0-0ubuntu1.11+esm2
Available with Ubuntu Pro
libnginx-mod-http-uploadprogress 1.14.0-0ubuntu1.11+esm2
Available with Ubuntu Pro
libnginx-mod-http-upstream-fair 1.14.0-0ubuntu1.11+esm2
Available with Ubuntu Pro
libnginx-mod-http-xslt-filter 1.14.0-0ubuntu1.11+esm2
Available with Ubuntu Pro
libnginx-mod-mail 1.14.0-0ubuntu1.11+esm2
Available with Ubuntu Pro
libnginx-mod-nchan 1.14.0-0ubuntu1.11+esm2
Available with Ubuntu Pro
libnginx-mod-rtmp 1.14.0-0ubuntu1.11+esm2
Available with Ubuntu Pro
libnginx-mod-stream 1.14.0-0ubuntu1.11+esm2
Available with Ubuntu Pro
nginx 1.14.0-0ubuntu1.11+esm2
Available with Ubuntu Pro
nginx-core 1.14.0-0ubuntu1.11+esm2
Available with Ubuntu Pro
nginx-extras 1.14.0-0ubuntu1.11+esm2
Available with Ubuntu Pro
nginx-full 1.14.0-0ubuntu1.11+esm2
Available with Ubuntu Pro
nginx-light 1.14.0-0ubuntu1.11+esm2
Available with Ubuntu Pro
Ubuntu 16.04 LTS
nginx 1.10.3-0ubuntu0.16.04.5+esm7
Available with Ubuntu Pro
nginx-core 1.10.3-0ubuntu0.16.04.5+esm7
Available with Ubuntu Pro
nginx-extras 1.10.3-0ubuntu0.16.04.5+esm7
Available with Ubuntu Pro
nginx-full 1.10.3-0ubuntu0.16.04.5+esm7
Available with Ubuntu Pro
nginx-light 1.10.3-0ubuntu0.16.04.5+esm7
Available with Ubuntu Pro
Ubuntu 14.04 LTS
nginx 1.4.6-1ubuntu3.9+esm6
Available with Ubuntu Pro
nginx-common 1.4.6-1ubuntu3.9+esm6
Available with Ubuntu Pro
nginx-core 1.4.6-1ubuntu3.9+esm6
Available with Ubuntu Pro
nginx-extras 1.4.6-1ubuntu3.9+esm6
Available with Ubuntu Pro
nginx-full 1.4.6-1ubuntu3.9+esm6
Available with Ubuntu Pro
nginx-light 1.4.6-1ubuntu3.9+esm6
Available with Ubuntu Pro
nginx-naxsi 1.4.6-1ubuntu3.9+esm6
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.References
https://ubuntu.com/security/notices/USN-8375-1
CVE-2025-53859, CVE-2026-1642, CVE-2026-27651, CVE-2026-27654,
CVE-2026-27784, CVE-2026-28753, CVE-2026-32647, CVE-2026-40701,
CVE-2026-42934, CVE-2026-42945, CVE-2026-42946, CVE-2026-9256
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Ubuntu Security Notice USN-8375-1
Topics Covered
Package Information
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!