ArchLinux: 201701-24: nginx-mainline: privilege escalation
Summary
A symlink attack vulnerability was discovered in nginx. An attacker who could already run commands under the nginx user id could use this access to append data to files owned by root, potentially elevating their own privileges to root.
Resolution
Upgrade to 1.11.8-2.
# pacman -Syu "nginx-mainline>=1.11.8-2"
The problem has been fixed upstream but no release is available yet.
References
https://bugs.archlinux.org/task/52547 https://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html https://security.archlinux.org/CVE-2016-1247
Workaround
None.