ID

VAR-201811-0987

CVE

CVE-2018-16845

TITLE

nginx Information Disclosure Vulnerability

DESCRIPTION

nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. The issue only affects nginx if it is built with the ngx_http_mp4_module (the module is not built by default) and the .mp4. directive is used in the configuration file. Further, the attack is only possible if an attacker is able to trigger processing of a specially crafted mp4 file with the ngx_http_mp4_module. nginx Contains an information disclosure vulnerability.Information obtained and denial of service (DoS) May be in a state. nginx is prone to multiple denial-of-service vulnerabilities. Attackers can exploit these issues to cause denial-of-service conditions. Versions prior to nginx 1.15.6 and 1.14.1 are vulnerable. nginx is a lightweight web server/reverse proxy server and email (IMAP/POP3) proxy server developed by Russian programmer Igor Sysoev. The vulnerability is caused by the program not processing MP4 files correctly. For the stable distribution (stretch), these problems have been fixed in version 1.10.3-1+deb9u2. We recommend that you upgrade your nginx packages. ========================================================================== Ubuntu Security Notice USN-3812-1 November 07, 2018 nginx vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.10 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Several security issues were fixed in nginx. Software Description: - nginx: small, powerful, scalable web/proxy server Details: It was discovered that nginx incorrectly handled the HTTP/2 implementation. A remote attacker could possibly use this issue to cause excessive memory consumption, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-16843) Gal Goldshtein discovered that nginx incorrectly handled the HTTP/2 implementation. A remote attacker could possibly use this issue to cause excessive CPU usage, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-16844) It was discovered that nginx incorrectly handled the ngx_http_mp4_module module. (CVE-2018-16845) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10: nginx-common 1.15.5-0ubuntu2.1 nginx-core 1.15.5-0ubuntu2.1 nginx-extras 1.15.5-0ubuntu2.1 nginx-full 1.15.5-0ubuntu2.1 nginx-light 1.15.5-0ubuntu2.1 Ubuntu 18.04 LTS: nginx-common 1.14.0-0ubuntu1.2 nginx-core 1.14.0-0ubuntu1.2 nginx-extras 1.14.0-0ubuntu1.2 nginx-full 1.14.0-0ubuntu1.2 nginx-light 1.14.0-0ubuntu1.2 Ubuntu 16.04 LTS: nginx-common 1.10.3-0ubuntu0.16.04.3 nginx-core 1.10.3-0ubuntu0.16.04.3 nginx-extras 1.10.3-0ubuntu0.16.04.3 nginx-full 1.10.3-0ubuntu0.16.04.3 nginx-light 1.10.3-0ubuntu0.16.04.3 Ubuntu 14.04 LTS: nginx-common 1.4.6-1ubuntu3.9 nginx-core 1.4.6-1ubuntu3.9 nginx-extras 1.4.6-1ubuntu3.9 nginx-full 1.4.6-1ubuntu3.9 nginx-light 1.4.6-1ubuntu3.9 In general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: rh-nginx18-nginx security update Advisory ID: RHSA-2018:3652-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2018:3652 Issue date: 2018-11-26 CVE Names: CVE-2018-16845 ===================================================================== 1. Summary: An update for rh-nginx18-nginx is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fix(es): * nginx: Denial of service and memory disclosure via mp4 module (CVE-2018-16845) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank the Nginx project for reporting this issue. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The rh-nginx18-nginx service must be restarted for this update to take effect. 5. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6): Source: rh-nginx18-nginx-1.8.1-1.el6.1.src.rpm x86_64: rh-nginx18-nginx-1.8.1-1.el6.1.x86_64.rpm rh-nginx18-nginx-debuginfo-1.8.1-1.el6.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6): Source: rh-nginx18-nginx-1.8.1-1.el6.1.src.rpm x86_64: rh-nginx18-nginx-1.8.1-1.el6.1.x86_64.rpm rh-nginx18-nginx-debuginfo-1.8.1-1.el6.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: rh-nginx18-nginx-1.8.1-1.el7.1.src.rpm x86_64: rh-nginx18-nginx-1.8.1-1.el7.1.x86_64.rpm rh-nginx18-nginx-debuginfo-1.8.1-1.el7.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4): Source: rh-nginx18-nginx-1.8.1-1.el7.1.src.rpm x86_64: rh-nginx18-nginx-1.8.1-1.el7.1.x86_64.rpm rh-nginx18-nginx-debuginfo-1.8.1-1.el7.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5): Source: rh-nginx18-nginx-1.8.1-1.el7.1.src.rpm x86_64: rh-nginx18-nginx-1.8.1-1.el7.1.x86_64.rpm rh-nginx18-nginx-debuginfo-1.8.1-1.el7.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6): Source: rh-nginx18-nginx-1.8.1-1.el7.1.src.rpm x86_64: rh-nginx18-nginx-1.8.1-1.el7.1.x86_64.rpm rh-nginx18-nginx-debuginfo-1.8.1-1.el7.1.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: rh-nginx18-nginx-1.8.1-1.el7.1.src.rpm x86_64: rh-nginx18-nginx-1.8.1-1.el7.1.x86_64.rpm rh-nginx18-nginx-debuginfo-1.8.1-1.el7.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2018-16845 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBW/viKdzjgjWX9erEAQjSFA/+IYlcY+VkhYOzot4cXoMumMPj0zcn6Iuk TwHfLvfooC8KsM5PK3acSmv2526KlfWn9xi8QJ8YMIoZVX8+LPPC7gOVxmwAyYOn 4uOumQy5rulkk03UB7r6y7u34Xy5mftCXTOouOipvhiW2Na6aZWiRen7ZWRBcMMW okYWY03xJU7/OQafttfP3UUVAYiw5adZ6gAflhZA8q8JzF0RhZXnliyt4kpZ1kLj 8fr6q+9WDVdiHe9u1j1wIXwQglkPnpab+kW1k4KZ3pdJMzFr9unZURHbyDsqbxlh T5rNTFtoLO9rgksSYtkuK0D6MvxVu7MzHMl/X0IsCnFwwAjH9xbqftqX5G26pQR6 L2UlnBNnes+NG357E81aHJus6ioRpjzSsfIrFoU9N0K9llnfbEslwEr239GzF6hH sMO5vap7/i2bmYQ7++jw9jfF67K2AtFvZCa/tYWlilkWOM12BkP2HvuYXCgmtb6F 99oHxB5TyDKPb44epIvzKV/YtvoeHT6beKRIefJ3xstrq8to0f87NZhTTbk5rYt0 HPf5vLjoZO6SYequmHzn++zoAZubU+oZ3fE05jcbrJSwQeMHWLPTtBoBkmQq+l5y rYTxun0/RvYql6bZD4uHAxKzTxyAvrKw0dW+/DGNanQiwkk+/RpPrYTdMhVw4a5a ZrQQucuvvOo= =LfBW -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . The following packages have been upgraded to a later upstream version: rh-nginx114-nginx (1.14.1). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-09-20-4 Xcode 13 Xcode 13 addresses the following issues. IDE Xcode Server Available for: macOS Big Sur 11.3 and later Impact: Multiple issues in nginx Description: Multiple issues were addressed by updating nginx to version 1.21.0. CVE-2016-0742 CVE-2016-0746 CVE-2016-0747 CVE-2017-7529 CVE-2018-16843 CVE-2018-16844 CVE-2018-16845 CVE-2019-20372 Installation note: Xcode 13 may be obtained from: https://developer.apple.com/xcode/downloads/ To check that the Xcode has been updated: * Select Xcode in the menu bar * Select About Xcode * The version after applying this update will be "Xcode 13"

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

local

TYPE

memory leak

CONFIGURATIONS

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Gal Goldshtein from F5 Networks, and Maxim Konovalov (Nginx)

SOURCES

LAST UPDATE DATE

2024-09-17T20:04:14.221000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE