A Denial of Service vulnerability (CVE-2026-27135, CVSS 7.5 HIGH) in the nghttp2 library allows an attacker to cause a service disruption by sending malformed HTTP/2 frames after a session has been terminated. The vulnerability affects nghttp2 versions prior to 1.68.1, and it is fixed by upgrading to version 1.68.1.
Red Hat Product Errata RHSA-2026:8868 - Security Advisory Issued: 2026-04-20 Updated: 2026-04-20 RHSA-2026:8868 - Security Advisory Overview Updated Packages Synopsis Important: nghttp2 security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for nghttp2 is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 (HTTP/2) protocol in C. Security Fix(es): nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination (CVE-2026-27135) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 x86_64 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 s390x Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 ppc64le Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 aarch64 Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.0 x86_64 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.0 ppc64le Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.0 s390x Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.0 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0 s390x Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0 ppc64le Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0 x86_64 Fixes BZ - 2448754 - CVE-2026-27135 nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination CVEs CVE-2026-27135 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 SRPM nghttp2-1.64.0-2.el10_0.1.src.rpm SHA-256: 357813c767d40463628d027146147eea2c4232c67e62acf752bac65138741435 x86_64 libnghttp2-1.64.0-2.el10_0.1.x86_64.rpm SHA-256: 8fa9d2e929971205a9666c95b29684f9f464ddfaf60de4a137222ca21785ae96 libnghttp2-debuginfo-1.64.0-2.el10_0.1.x86_64.rpm SHA-256: 65bb2b9fea183eceb154db289bc3f8a6bd48a86173599622d92c8f3003c25186 libnghttp2-debuginfo-1.64.0-2.el10_0.1.x86_64.rpm SHA-256: 65bb2b9fea183eceb154db289bc3f8a6bd48a86173599622d92c8f3003c25186 libnghttp2-devel-1.64.0-2.el10_0.1.x86_64.rpm SHA-256: 5d4ad26d9d64e0e5168046d2c0c56a9316b1887ddb8c4c4d8507c397da66a5ea nghttp2-debuginfo-1.64.0-2.el10_0.1.x86_64.rpm SHA-256: ab19af87b61a938dcd28ac7d423cb86f8b0c8350e98ebd07d4103028b86235bc nghttp2-debuginfo-1.64.0-2.el10_0.1.x86_64.rpm SHA-256: ab19af87b61a938dcd28ac7d423cb86f8b0c8350e98ebd07d4103028b86235bc nghttp2-debugsource-1.64.0-2.el10_0.1.x86_64.rpm SHA-256: b8ac6310fe6a67b26c259fb10087f86b7308826de84289632b6939a2d0a4870a nghttp2-debugsource-1.64.0-2.el10_0.1.x86_64.rpm SHA-256: b8ac6310fe6a67b26c259fb10087f86b7308826de84289632b6939a2d0a4870a Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 SRPM nghttp2-1.64.0-2.el10_0.1.src.rpm SHA-256: 357813c767d40463628d027146147eea2c4232c67e62acf752bac65138741435 s390x libnghttp2-1.64.0-2.el10_0.1.s390x.rpm SHA-256: f6293e40feab23b2a0cb652627a4f162fdfb92f601f3e2cdcc92b6616f9bfa30 libnghttp2-debuginfo-1.64.0-2.el10_0.1.s390x.rpm SHA-256: 756da3caaf1666c56034a996cde228cfbe29d0c250a06b36baebd54da039c732 libnghttp2-debuginfo-1.64.0-2.el10_0.1.s390x.rpm SHA-256: 756da3caaf1666c56034a996cde228cfbe29d0c250a06b36baebd54da039c732 libnghttp2-devel-1.64.0-2.el10_0.1.s390x.rpm SHA-256: 732921be2d3949dbab8d46623117a424c606383fb47c8569b259551744329af5 nghttp2-debuginfo-1.64.0-2.el10_0.1.s390x.rpm SHA-256: 694d234d1d930d303080529657a85bf95f249bb4c80d4e17ae8bffafdb56a6f6 nghttp2-debuginfo-1.64.0-2.el10_0.1.s390x.rpm SHA-256: 694d234d1d930d303080529657a85bf95f249bb4c80d4e17ae8bffafdb56a6f6 nghttp2-debugsource-1.64.0-2.el10_0.1.s390x.rpm SHA-256: 4646617478d9bdcf4bf41256f6a49fc13e7a85f539e03e1db5b94328609c7c93 nghttp2-debugsource-1.64.0-2.el10_0.1.s390x.rpm SHA-256: 4646617478d9bdcf4bf41256f6a49fc13e7a85f539e03e1db5b94328609c7c93 Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 SRPM nghttp2-1.64.0-2.el10_0.1.src.rpm SHA-256: 357813c767d40463628d027146147eea2c4232c67e62acf752bac65138741435 ppc64le libnghttp2-1.64.0-2.el10_0.1.ppc64le.rpm SHA-256: de6bd5b7a7c55b98190b853616c3c026431ad753a6affc272d396dbb0a0155bb libnghttp2-debuginfo-1.64.0-2.el10_0.1.ppc64le.rpm SHA-256: 04979bbe325f845e9672573654ff76e1bea0b83d9162c36ec65df03e21301bdc libnghttp2-debuginfo-1.64.0-2.el10_0.1.ppc64le.rpm SHA-256: 04979bbe325f845e9672573654ff76e1bea0b83d9162c36ec65df03e21301bdc libnghttp2-devel-1.64.0-2.el10_0.1.ppc64le.rpm SHA-256: d599b244c41cd7b4add865c947a780c21c20ed15be113a14c634ffd7bb08805a nghttp2-debuginfo-1.64.0-2.el10_0.1.ppc64le.rpm SHA-256: 6ac10e867bf4a7f95d95bcf8eb85459f405edb5beaadd0db4d55b16469b1f4c0 nghttp2-debuginfo-1.64.0-2.el10_0.1.ppc64le.rpm SHA-256: 6ac10e867bf4a7f95d95bcf8eb85459f405edb5beaadd0db4d55b16469b1f4c0 nghttp2-debugsource-1.64.0-2.el10_0.1.ppc64le.rpm SHA-256: 28bb6310f60377f08847acdbb45249993045e21c78595e12ba34f0095dceb2aa nghttp2-debugsource-1.64.0-2.el10_0.1.ppc64le.rpm SHA-256: 28bb6310f60377f08847acdbb45249993045e21c78595e12ba34f0095dceb2aa Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 SRPM nghttp2-1.64.0-2.el10_0.1.src.rpm SHA-256: 357813c767d40463628d027146147eea2c4232c67e62acf752bac65138741435 aarch64 libnghttp2-1.64.0-2.el10_0.1.aarch64.rpm SHA-256: c79aed805f0c28a5a54305b4314844861af448b25fbae218b84a65ae1582dc44 libnghttp2-debuginfo-1.64.0-2.el10_0.1.aarch64.rpm SHA-256: 0ac1ff76a672cdc86707895451053d6ac2bb45553b927be40153cf4031e4b5c6 libnghttp2-debuginfo-1.64.0-2.el10_0.1.aarch64.rpm SHA-256: 0ac1ff76a672cdc86707895451053d6ac2bb45553b927be40153cf4031e4b5c6 libnghttp2-devel-1.64.0-2.el10_0.1.aarch64.rpm SHA-256: 34541f33151a5ff942a06cc62869d84b0302dad5f7d65f09369e7b96c0979ef9 nghttp2-debuginfo-1.64.0-2.el10_0.1.aarch64.rpm SHA-256: 692d4958ace1f11f7082752e8c4775289471e6db5c8de64bf2825e7e33ed3eeb nghttp2-debuginfo-1.64.0-2.el10_0.1.aarch64.rpm SHA-256: 692d4958ace1f11f7082752e8c4775289471e6db5c8de64bf2825e7e33ed3eeb nghttp2-debugsource-1.64.0-2.el10_0.1.aarch64.rpm SHA-256: fbd6c3754ec98a54bd843ef509d645ab32553c029da6f5541bf7b22d6f7926f0 nghttp2-debugsource-1.64.0-2.el10_0.1.aarch64.rpm SHA-256: fbd6c3754ec98a54bd843ef509d645ab32553c029da6f5541bf7b22d6f7926f0 Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.0 SRPM x86_64 libnghttp2-debuginfo-1.64.0-2.el10_0.1.x86_64.rpm SHA-256: 65bb2b9fea183eceb154db289bc3f8a6bd48a86173599622d92c8f3003c25186 nghttp2-1.64.0-2.el10_0.1.x86_64.rpm SHA-256: 12c5fca358879ba8f0943be07a1be9562c6a0c09b0a7bfc90abca2e55506ad0b nghttp2-debuginfo-1.64.0-2.el10_0.1.x86_64.rpm SHA-256: ab19af87b61a938dcd28ac7d423cb86f8b0c8350e98ebd07d4103028b86235bc nghttp2-debugsource-1.64.0-2.el10_0.1.x86_64.rpm SHA-256: b8ac6310fe6a67b26c259fb10087f86b7308826de84289632b6939a2d0a4870a Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.0 SRPM ppc64le libnghttp2-debuginfo-1.64.0-2.el10_0.1.ppc64le.rpm SHA-256: 04979bbe325f845e9672573654ff76e1bea0b83d9162c36ec65df03e21301bdc nghttp2-1.64.0-2.el10_0.1.ppc64le.rpm SHA-256: c57fc43d9d841cc939f0c976a883274c388102ca8fd3e019d8d7f3ee6ed3b6ac nghttp2-debuginfo-1.64.0-2.el10_0.1.ppc64le.rpm SHA-256: 6ac10e867bf4a7f95d95bcf8eb85459f405edb5beaadd0db4d55b16469b1f4c0 nghttp2-debugsource-1.64.0-2.el10_0.1.ppc64le.rpm SHA-256: 28bb6310f60377f08847acdbb45249993045e21c78595e12ba34f0095dceb2aa Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.0 SRPM s390x libnghttp2-debuginfo-1.64.0-2.el10_0.1.s390x.rpm SHA-256: 756da3caaf1666c56034a996cde228cfbe29d0c250a06b36baebd54da039c732 nghttp2-1.64.0-2.el10_0.1.s390x.rpm SHA-256: 3bcbfa70cb160379e321fef7315246791e9ad5807e340cd6ecf404395f34d8ab nghttp2-debuginfo-1.64.0-2.el10_0.1.s390x.rpm SHA-256: 694d234d1d930d303080529657a85bf95f249bb4c80d4e17ae8bffafdb56a6f6 nghttp2-debugsource-1.64.0-2.el10_0.1.s390x.rpm SHA-256: 4646617478d9bdcf4bf41256f6a49fc13e7a85f539e03e1db5b94328609c7c93 Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.0 SRPM aarch64 libnghttp2-debuginfo-1.64.0-2.el10_0.1.aarch64.rpm SHA-256: 0ac1ff76a672cdc86707895451053d6ac2bb45553b927be40153cf4031e4b5c6 nghttp2-1.64.0-2.el10_0.1.aarch64.rpm SHA-256: 29a41af7c5091a98e8ad8576242107220e958ffdb500a3c5e0a9a0d4dcb82812 nghttp2-debuginfo-1.64.0-2.el10_0.1.aarch64.rpm SHA-256: 692d4958ace1f11f7082752e8c4775289471e6db5c8de64bf2825e7e33ed3eeb nghttp2-debugsource-1.64.0-2.el10_0.1.aarch64.rpm SHA-256: fbd6c3754ec98a54bd843ef509d645ab32553c029da6f5541bf7b22d6f7926f0 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0 SRPM nghttp2-1.64.0-2.el10_0.1.src.rpm SHA-256: 357813c767d40463628d027146147eea2c4232c67e62acf752bac65138741435 aarch64 libnghttp2-1.64.0-2.el10_0.1.aarch64.rpm SHA-256: c79aed805f0c28a5a54305b4314844861af448b25fbae218b84a65ae1582dc44 libnghttp2-debuginfo-1.64.0-2.el10_0.1.aarch64.rpm SHA-256: 0ac1ff76a672cdc86707895451053d6ac2bb45553b927be40153cf4031e4b5c6 libnght