An update for nginx is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
nginx is a web and proxy server supporting HTTP and other protocols, with a
focus on high concurrency, performance, and low memory usage.
Security Fix(es):
* nginx: NGINX: Arbitrary code execution or Denial of Service via heap-based
buffer overflow with crafted HTTP/2 headers (CVE-2026-42055)
Bug Fix(es) and Enhancement(s):
* nginx: "HTTP/2 bomb" nginx fix breaks module ABI causing crashes
[rhel-9.8.z] (JIRA:RHEL-190800)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
CVE-2026-42055: Incorrect Calculation of Buffer Size (CWE-131)
| # | Наименование новости | Тональность | Информативность | Дата публикации |
|---|---|---|---|---|
| 1 | Ausführen beliebiger Kommandos in nginx (Red Hat) | 0 | 5 | 08-07-2026 |
| 2 | Ausführen beliebiger Kommandos in compat-openssl10 (Red Hat) | 0 | 5 | 08-07-2026 |
| 3 | Preisgabe von Informationen in Linux (Red Hat) | 0 | 5 | 08-07-2026 |
| 4 | Ausführen von Code mit höheren Privilegien in cifs-utils (Fedora) | 0 | 5 | 08-07-2026 |
| 5 | Ausführen von Code mit höheren Privilegien in cifs-utils (Fedora) | 0 | 5 | 08-07-2026 |
| 6 | Denial of Service in aardvark-dns (Red Hat) | 0 | 5 | 08-07-2026 |
| 7 | Denial of Service in freeipmi (Red Hat) | -5 | 7 | 08-07-2026 |
| 8 | Denial of Service in freeipmi (Red Hat) | 0 | 5 | 08-07-2026 |
| 9 | Mehrere Probleme in Linux (Red Hat) | 0 | 5 | 08-07-2026 |
| 10 | Zwei Probleme in skopeo (Red Hat) | 0 | 5 | 08-07-2026 |