Security News

Cybersecurity news aggregator

🔄
CRITICAL Updates Red Hat Errata

RHSA-2026:17793: Critical: nginx:1.24 security update

cve-2026-42945nginxred-hat
A critical arbitrary code execution vulnerability (CVE-2026-42945, CVSS 8.1) has been patched in the nginx:1.24 module for Red Hat Enterprise Linux 9.4 Extended Update Support. The specific attack vector and affected version ranges are not detailed in the advisory. The fix is delivered via updated packages referenced in RHSA-2026:17793, and administrators should apply this update immediately.
Read Full Article →

Red Hat Product Errata RHSA-2026:17793 - Security Advisory Issued: 2026-05-15 Updated: 2026-05-15 RHSA-2026:17793 - Security Advisory Overview Updated Packages Synopsis Critical: nginx:1.24 security update Type/Severity Security Advisory: Critical Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for the nginx:1.24 module is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fix(es): nginx: NGINX: Arbitrary Code Execution Vulnerability (CVE-2026-42945) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64 Red Hat Enterprise Linux Server - AUS 9.4 x86_64 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.4 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.4 s390x Fixes BZ - 2477116 - CVE-2026-42945 nginx: NGINX: Arbitrary Code Execution Vulnerability CVEs CVE-2026-42945 References https://access.redhat.com/security/updates/classification/#critical Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 SRPM nginx-1.24.0-1.module+el9.4.0+24298+389e3815.5.src.rpm SHA-256: 676280f8ad6ac1699b786de8d165b450cc74a82615071fbb19d8bfdcd34f2acc x86_64 nginx-all-modules-1.24.0-1.module+el9.4.0+24298+389e3815.5.noarch.rpm SHA-256: 04c0923de84c6a5457a46b805b741074a74c76fa44e2a5103a1b8aac452f3ac9 nginx-filesystem-1.24.0-1.module+el9.4.0+24298+389e3815.5.noarch.rpm SHA-256: 7f1638905b217df7b62a6d9d4ffc69f59d97f6a721e8b4e0827144423ab72f23 nginx-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: c761fab6c5e90a32add1dfe0dc7b670116071c126e57f76416a500fa8afee0b1 nginx-all-modules-1.24.0-1.module+el9.4.0+24298+389e3815.5.noarch.rpm SHA-256: 04c0923de84c6a5457a46b805b741074a74c76fa44e2a5103a1b8aac452f3ac9 nginx-core-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: 37699a71a4577d56e3962b2886df7e5ef3918544aeecdad92f881a0f299f8afd nginx-core-debuginfo-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: d00111bbc3ee927b0f31c2a23cb2af3090440cb288343f413be33d52c83d2e86 nginx-debuginfo-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: d8efa99da301fc9348c116229298c366aab4d51aed6d1784c6127201b156f370 nginx-debugsource-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: d11a24f849670b744f5bfd078117c8f11c684d9eb0ba5fc113b656c06bb54fdd nginx-filesystem-1.24.0-1.module+el9.4.0+24298+389e3815.5.noarch.rpm SHA-256: 7f1638905b217df7b62a6d9d4ffc69f59d97f6a721e8b4e0827144423ab72f23 nginx-mod-devel-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: 309e39a4b956dd0b6e4cb08a4c3c80ff1ebd552833876bf720ec7446923c5c61 nginx-mod-http-image-filter-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: b123742fbdc09a3f6d1cf5b85b4258779169e45b367cd08a6465eb35848a76c3 nginx-mod-http-image-filter-debuginfo-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: 992b07da7f70f729945d6be73c83334e2f7384cb89de1036f64230f5cf10b8c2 nginx-mod-http-perl-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: b0009a022d3b24b2b9959dea0f3482e2c060b9af6fc9cf5f4e0572c2b1d6b9fc nginx-mod-http-perl-debuginfo-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: 3177449d49feef7c4e7debad714e25610885cab8eb19a558a0fafff7bd19a103 nginx-mod-http-xslt-filter-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: e954f13aa1589fc5c96529bb2509006fcbd7bb17d0eea020e6fbcc909a403e95 nginx-mod-http-xslt-filter-debuginfo-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: 0bd8688c3bf0feecf70f9e8ea84c5afe56173903470a5f05ed483b8e9d39cf6d nginx-mod-mail-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: cd690fc1fa265899a4995134ec083a63e84186c4bd88672ebe95738109e8820d nginx-mod-mail-debuginfo-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: 7bedb90006d6a8a8a734c25174e234435f9f67dde49f79ce854fccfd9eca9638 nginx-mod-stream-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: d6f472284997c05049a36f7482248ff0586b15794de97640d5d23d6621d33bc9 nginx-mod-stream-debuginfo-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: 991467cd1da3fc7d5b1ac23d90f6625a15ded1b65ff402bafbef7587809283fe nginx-all-modules-1.24.0-1.module+el9.4.0+24298+389e3815.5.noarch.rpm SHA-256: 04c0923de84c6a5457a46b805b741074a74c76fa44e2a5103a1b8aac452f3ac9 nginx-filesystem-1.24.0-1.module+el9.4.0+24298+389e3815.5.noarch.rpm SHA-256: 7f1638905b217df7b62a6d9d4ffc69f59d97f6a721e8b4e0827144423ab72f23 nginx-all-modules-1.24.0-1.module+el9.4.0+24298+389e3815.5.noarch.rpm SHA-256: 04c0923de84c6a5457a46b805b741074a74c76fa44e2a5103a1b8aac452f3ac9 nginx-filesystem-1.24.0-1.module+el9.4.0+24298+389e3815.5.noarch.rpm SHA-256: 7f1638905b217df7b62a6d9d4ffc69f59d97f6a721e8b4e0827144423ab72f23 Red Hat Enterprise Linux Server - AUS 9.4 SRPM nginx-1.24.0-1.module+el9.4.0+24298+389e3815.5.src.rpm SHA-256: 676280f8ad6ac1699b786de8d165b450cc74a82615071fbb19d8bfdcd34f2acc x86_64 nginx-all-modules-1.24.0-1.module+el9.4.0+24298+389e3815.5.noarch.rpm SHA-256: 04c0923de84c6a5457a46b805b741074a74c76fa44e2a5103a1b8aac452f3ac9 nginx-filesystem-1.24.0-1.module+el9.4.0+24298+389e3815.5.noarch.rpm SHA-256: 7f1638905b217df7b62a6d9d4ffc69f59d97f6a721e8b4e0827144423ab72f23 nginx-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: c761fab6c5e90a32add1dfe0dc7b670116071c126e57f76416a500fa8afee0b1 nginx-all-modules-1.24.0-1.module+el9.4.0+24298+389e3815.5.noarch.rpm SHA-256: 04c0923de84c6a5457a46b805b741074a74c76fa44e2a5103a1b8aac452f3ac9 nginx-core-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: 37699a71a4577d56e3962b2886df7e5ef3918544aeecdad92f881a0f299f8afd nginx-core-debuginfo-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: d00111bbc3ee927b0f31c2a23cb2af3090440cb288343f413be33d52c83d2e86 nginx-debuginfo-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: d8efa99da301fc9348c116229298c366aab4d51aed6d1784c6127201b156f370 nginx-debugsource-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: d11a24f849670b744f5bfd078117c8f11c684d9eb0ba5fc113b656c06bb54fdd nginx-filesystem-1.24.0-1.module+el9.4.0+24298+389e3815.5.noarch.rpm SHA-256: 7f1638905b217df7b62a6d9d4ffc69f59d97f6a721e8b4e0827144423ab72f23 nginx-mod-devel-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: 309e39a4b956dd0b6e4cb08a4c3c80ff1ebd552833876bf720ec7446923c5c61 nginx-mod-http-image-filter-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: b123742fbdc09a3f6d1cf5b85b4258779169e45b367cd08a6465eb35848a76c3 nginx-mod-http-image-filter-debuginfo-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: 992b07da7f70f729945d6be73c83334e2f7384cb89de1036f64230f5cf10b8c2 nginx-mod-http-perl-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: b0009a022d3b24b2b9959dea0f3482e2c060b9af6fc9cf5f4e0572c2b1d6b9fc nginx-mod-http-perl-debuginfo-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: 3177449d49feef7c4e7debad714e25610885cab8eb19a558a0fafff7bd19a103 nginx-mod-http-xslt-filter-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: e954f13aa1589fc5c96529bb2509006fcbd7bb17d0eea020e6fbcc909a403e95 nginx-mod-http-xslt-filter-debuginfo-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: 0bd8688c3bf0feecf70f9e8ea84c5afe56173903470a5f05ed483b8e9d39cf6d nginx-mod-mail-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: cd690fc1fa265899a4995134ec083a63e84186c4bd88672ebe95738109e8820d nginx-mod-mail-debuginfo-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: 7bedb90006d6a8a8a734c25174e234435f9f67dde49f79ce854fccfd9eca9638 nginx-mod-stream-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: d6f472284997c05049a36f7482248ff0586b15794de97640d5d23d6621d33bc9 nginx-mod-stream-debuginfo-1.24.0-1.module+el9.4.0+24298+389e3815.5.x86_64.rpm SHA-256: 991467cd1da3fc7d5b1ac23d90f6625a15ded1b65ff402bafbef7587809283fe nginx-all-modules-1.24.0-1.module+el9.4.0+24298+389e3815.5.noarch.rpm SHA-256: 04c0923de84c6a5457a46b805b741074a74c76fa44e2a5103a1b8aac452f3ac9 nginx-filesystem-1.24.0-1.module+el9.4.0+24298+389e3815.5.noarch.rpm SHA-256: 7f1638905b217df7b62a6d9d4ffc69f59d97f6a721e8b4e0827144423ab72f23 nginx-all-modules-1.24.0-1.module+el9.4.0+24298+389e3815.5.noarch.rpm SHA-256: 04c0923de84c6a5457a46b805b741074a74c76fa44e2a5103a1b8aac452f3ac9 nginx-filesystem-1.24.0-1.module+el9.4.0+24298+389e3815.5.noarch.rpm SHA-256: 7f1638905b217df7b62a6d9d

Related Articles

CRITICAL RHSA-2026:17791: Critical: nginx security update Red Hat Errata CRITICAL RHSA-2026:17790: Critical: nginx security update Red Hat Errata CRITICAL RHSA-2026:17794: Critical: nginx security update Red Hat Errata CRITICAL RHSA-2026:17792: Critical: nginx security update Red Hat Errata
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn