nginx could be made to crash or run programs if it received specially
crafted network traffic.
Software Description:
- nginx: small, powerful, scalable web/proxy server
Details:
Luis Merino, Markus Vervier, and Eric Sesterhenn discovered that nginx
incorrectly handled responses to the DNS resolver. A remote attacker could
use this issue to cause nginx to crash, resulting in a denial of service,
or possibly execute arbitrary code.
The problem can be corrected by updating your system to the following package versions: Ubuntu 21.04: nginx 1.18.0-6ubuntu8.2 nginx-common 1.18.0-6ubuntu8.2 nginx-core 1.18.0-6ubuntu8.2 nginx-extras 1.18.0-6ubuntu8.2 nginx-full 1.18.0-6ubuntu8.2 nginx-light 1.18.0-6ubuntu8.2 Ubuntu 20.10: nginx 1.18.0-6ubuntu2.2 nginx-common 1.18.0-6ubuntu2.2 nginx-core 1.18.0-6ubuntu2.2 nginx-extras 1.18.0-6ubuntu2.2 nginx-full 1.18.0-6ubuntu2.2 nginx-light 1.18.0-6ubuntu2.2 Ubuntu 20.04 LTS: nginx 1.18.0-0ubuntu1.2 nginx-common 1.18.0-0ubuntu1.2 nginx-core 1.18.0-0ubuntu1.2 nginx-extras 1.18.0-0ubuntu1.2 nginx-full 1.18.0-0ubuntu1.2 nginx-light 1.18.0-0ubuntu1.2 Ubuntu 18.04 LTS: nginx 1.14.0-0ubuntu1.9 nginx-common 1.14.0-0ubuntu1.9 nginx-core 1.14.0-0ubuntu1.9 nginx-extras 1.14.0-0ubuntu1.9 nginx-full 1.14.0-0ubuntu1.9 nginx-light 1.14.0-0ubuntu1.9 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-4967-1
CVE-2021-23017
Get the latest Linux and open source security news straight to your inbox.