Security update for nginx

Announcement ID:	SUSE-SU-2026:2370-1
Release Date:	2026-06-11T13:23:43Z
Rating:	important
References:	bsc#1260415 bsc#1260420 bsc#1265229 bsc#1265231 bsc#1265232 bsc#1265233 bsc#1266215
Cross-References:	CVE-2026-27651 CVE-2026-32647 CVE-2026-40701 CVE-2026-42934 CVE-2026-42945 CVE-2026-42946 CVE-2026-9256
CVSS scores:	CVE-2026-27651 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-27651 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-27651 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVE-2026-27651 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-32647 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2026-32647 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-32647 ( NVD ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVE-2026-32647 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2026-40701 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N CVE-2026-40701 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L CVE-2026-40701 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVE-2026-40701 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L CVE-2026-42934 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVE-2026-42934 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L CVE-2026-42934 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVE-2026-42934 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L CVE-2026-42945 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2026-42945 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H CVE-2026-42945 ( NVD ): 9.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVE-2026-42945 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2026-42946 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVE-2026-42946 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L CVE-2026-42946 ( NVD ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVE-2026-42946 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L CVE-2026-9256 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2026-9256 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:	openSUSE Leap 15.4 SUSE Linux Enterprise High Performance Computing 15 SP4 SUSE Linux Enterprise High Performance Computing 15 SP5 SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 SUSE Linux Enterprise Server 15 SP4 SUSE Linux Enterprise Server 15 SP4 LTSS SUSE Linux Enterprise Server 15 SP5 SUSE Linux Enterprise Server 15 SP5 LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves seven vulnerabilities can now be installed.

Description:

This update for nginx fixes the following issues

• CVE-2026-9256: heap buffer overflow in the ngx_http_rewrite_module when using a configuration with overlapping captures (bsc#1266215).
• CVE-2026-27651: denial of service via undisclosed requests when the ngx_mail_auth_http_module is enabled (bsc#1260415).
• CVE-2026-32647: NGINX worker memory over-read or over-write via a specially crafted MP4 file (bsc#1260420).
• CVE-2026-40701: heap use-after-free in the worker process when the ssl_verify_client and the ssl_ocsp directives are set due to issue in the ngx_http_ssl_module module (bsc#1265229).
• CVE-2026-42934: heap buffer overread in the worker process due to issue in the ngx_http_charset_module module (bsc#1265231).
• CVE-2026-42945: heap buffer overflow via crafted HTTP requests due to issue in ngx_http_rewrite_module (bsc#1265232).
• CVE-2026-42946: excessive memory allocation and data overread due to issue in the ngx_http_scgi_module and ngx_http_uwsgi_module modules (bsc#1265233).

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2370=1
• SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2370=1
• openSUSE Leap 15.4
  zypper in -t patch SUSE-2026-2370=1
• SUSE Linux Enterprise Server for SAP Applications 15 SP5
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2370=1
• SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2370=1
• SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2370=1
• SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2370=1
• SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2370=1
• SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2370=1

Package List:

• SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
  • nginx-source-1.21.5-150400.3.20.1
• SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  • nginx-debugsource-1.21.5-150400.3.20.1
  • nginx-1.21.5-150400.3.20.1
  • nginx-debuginfo-1.21.5-150400.3.20.1
• SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  • nginx-debugsource-1.21.5-150400.3.20.1
  • nginx-1.21.5-150400.3.20.1
  • nginx-debuginfo-1.21.5-150400.3.20.1
• SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
  • nginx-source-1.21.5-150400.3.20.1
• openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  • nginx-debugsource-1.21.5-150400.3.20.1
  • nginx-debuginfo-1.21.5-150400.3.20.1
  • nginx-1.21.5-150400.3.20.1
• openSUSE Leap 15.4 (noarch)
  • nginx-source-1.21.5-150400.3.20.1
• SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
  • nginx-debugsource-1.21.5-150400.3.20.1
  • nginx-1.21.5-150400.3.20.1
  • nginx-debuginfo-1.21.5-150400.3.20.1
• SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
  • nginx-source-1.21.5-150400.3.20.1
• SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  • nginx-debugsource-1.21.5-150400.3.20.1
  • nginx-1.21.5-150400.3.20.1
  • nginx-debuginfo-1.21.5-150400.3.20.1
• SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
  • nginx-source-1.21.5-150400.3.20.1
• SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  • nginx-debugsource-1.21.5-150400.3.20.1
  • nginx-1.21.5-150400.3.20.1
  • nginx-debuginfo-1.21.5-150400.3.20.1
• SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
  • nginx-source-1.21.5-150400.3.20.1
• SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64)
  • nginx-debugsource-1.21.5-150400.3.20.1
  • nginx-1.21.5-150400.3.20.1
  • nginx-debuginfo-1.21.5-150400.3.20.1
• SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
  • nginx-source-1.21.5-150400.3.20.1
• SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64)
  • nginx-debugsource-1.21.5-150400.3.20.1
  • nginx-1.21.5-150400.3.20.1
  • nginx-debuginfo-1.21.5-150400.3.20.1
• SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
  • nginx-source-1.21.5-150400.3.20.1
• SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
  • nginx-debugsource-1.21.5-150400.3.20.1
  • nginx-1.21.5-150400.3.20.1
  • nginx-debuginfo-1.21.5-150400.3.20.1
• SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
  • nginx-source-1.21.5-150400.3.20.1

References:

• https://www.suse.com/security/cve/CVE-2026-27651.html
• https://www.suse.com/security/cve/CVE-2026-32647.html
• https://www.suse.com/security/cve/CVE-2026-40701.html
• https://www.suse.com/security/cve/CVE-2026-42934.html
• https://www.suse.com/security/cve/CVE-2026-42945.html
• https://www.suse.com/security/cve/CVE-2026-42946.html
• https://www.suse.com/security/cve/CVE-2026-9256.html
• https://bugzilla.suse.com/show_bug.cgi?id=1260415
• https://bugzilla.suse.com/show_bug.cgi?id=1260420
• https://bugzilla.suse.com/show_bug.cgi?id=1265229
• https://bugzilla.suse.com/show_bug.cgi?id=1265231
• https://bugzilla.suse.com/show_bug.cgi?id=1265232
• https://bugzilla.suse.com/show_bug.cgi?id=1265233
• https://bugzilla.suse.com/show_bug.cgi?id=1266215