Details of VAR-202210-1347

ID

VAR-202210-1347

CVE

CVE-2022-41741

TITLE

F5 Nginx Buffer error vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202210-1419

DESCRIPTION

NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to corrupt NGINX worker memory, resulting in its termination or potential other impact using a specially crafted audio or video file. The issue affects only NGINX products that are built with the ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module. F5 BIG-IP and so on are all products of F5 Company in the United States. F5 BIG-IP is an application delivery platform that integrates functions such as network traffic management, application security management, and load balancing. F5 BIG-IQ is a software-based cloud management solution. F5 F5OS-A is an operating system software. F5 BIG-IP, BIG-IQ, F5OS-A, and F5OS-C have buffer error vulnerabilities. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5281-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff November 15, 2022 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : nginx CVE ID : CVE-2022-41741 CVE-2022-41742 It was discovered that parsing errors in the mp4 module of Nginx, a high-performance web and reverse proxy server, could result in denial of service, memory disclosure or potentially the execution of arbitrary code when processing a malformed mp4 file. This module is only enabled in the nginx-extras binary package. For the stable distribution (bullseye), these problems have been fixed in version 1.18.0-6.1+deb11u3. We recommend that you upgrade your nginx packages. For the detailed security status of nginx please refer to its security tracker page at: https://security-tracker.debian.org/tracker/nginx Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmNz9JcACgkQEMKTtsN8 Tjb4tg/7BRkAkF48UvvRjLolxVVuV1paSTRG8ArEeW3fHyA0fxs2UMuRL4ic1vqc i3wxAAfHvYoOnk+QBY20Ly2MN7S7OukNovKE9AZCPulyYkVjtIWNSBeY0PzCU60y RP/KCZAGoGEYi6s4SUrK194ved+7jIcybgLvvGA8FRKW3wTRvzRGMfR6NTLuP7B3 th0C5+KkapE8G5XlHWOIjv1h3Ok40cua7LtYx9RTITJ+wClvkJ6gPcCXXj/CnWWa PUvuEBwyr0PEBXfL9v1P8Eq1MmN+mWU9KeLYxIC+vcJxtpsYL67tMHIGTlDUgDVE FrXrDXi7XP/6hjl7t/J/cTPEwy/twX0emUQcUDlRNlOxh3skSmdPJP7DMu+t9UtQ suepgZ+oHfHh3gs9EWz2zRqbsVO03NjhKo9ebIjhe3H0P39cX3NN5qlSJeNTY45k VBDecnPQnhYqYuzqwXy5ZoUQDcU0Bo7zaUzeYhUsfXqrROV/tj+UTMrM2anHdQ4B kAOrCBpmGP1lLvDs2PzBcWmBtII/5VTKZep05xH0L+dZWDV07j1ekCzv3/kuKiMl GTJQ7yl3fgKjLdkjMFKQIfsm3xdYwzxjOmtEY86tUV0LjtdR2GlJtF4YdIQhA4b1 /R82ZisLfmZ4ElL+ua8iypLOe9reyO4EpVVDkeewFS64Ye1Wn3k=3mDY -----END PGP SIGNATURE----- . ========================================================================= Ubuntu Security Notice USN-5722-1 November 15, 2022 nginx vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.10 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 ESM - Ubuntu 14.04 ESM Summary: Several security issues were fixed in nginx. Software Description: - nginx: small, powerful, scalable web/proxy server Details: It was discovered that nginx incorrectly handled certain memory operations in the ngx_http_mp4_module module. (CVE-2022-41741, CVE-2022-41742) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.10: nginx 1.22.0-1ubuntu1.1 nginx-common 1.22.0-1ubuntu1.1 nginx-core 1.22.0-1ubuntu1.1 nginx-extras 1.22.0-1ubuntu1.1 nginx-full 1.22.0-1ubuntu1.1 nginx-light 1.22.0-1ubuntu1.1 Ubuntu 22.04 LTS: nginx 1.18.0-6ubuntu14.3 nginx-common 1.18.0-6ubuntu14.3 nginx-core 1.18.0-6ubuntu14.3 nginx-extras 1.18.0-6ubuntu14.3 nginx-full 1.18.0-6ubuntu14.3 nginx-light 1.18.0-6ubuntu14.3 Ubuntu 20.04 LTS: nginx 1.18.0-0ubuntu1.4 nginx-common 1.18.0-0ubuntu1.4 nginx-core 1.18.0-0ubuntu1.4 nginx-extras 1.18.0-0ubuntu1.4 nginx-full 1.18.0-0ubuntu1.4 nginx-light 1.18.0-0ubuntu1.4 Ubuntu 18.04 LTS: nginx 1.14.0-0ubuntu1.11 nginx-common 1.14.0-0ubuntu1.11 nginx-core 1.14.0-0ubuntu1.11 nginx-extras 1.14.0-0ubuntu1.11 nginx-full 1.14.0-0ubuntu1.11 nginx-light 1.14.0-0ubuntu1.11 Ubuntu 16.04 ESM: nginx 1.10.3-0ubuntu0.16.04.5+esm5 nginx-common 1.10.3-0ubuntu0.16.04.5+esm5 nginx-core 1.10.3-0ubuntu0.16.04.5+esm5 nginx-extras 1.10.3-0ubuntu0.16.04.5+esm5 nginx-full 1.10.3-0ubuntu0.16.04.5+esm5 nginx-light 1.10.3-0ubuntu0.16.04.5+esm5 Ubuntu 14.04 ESM: nginx 1.4.6-1ubuntu3.9+esm4 nginx-common 1.4.6-1ubuntu3.9+esm4 nginx-core 1.4.6-1ubuntu3.9+esm4 nginx-extras 1.4.6-1ubuntu3.9+esm4 nginx-full 1.4.6-1ubuntu3.9+esm4 nginx-light 1.4.6-1ubuntu3.9+esm4 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5722-1 CVE-2022-41741, CVE-2022-41742 Package Information: https://launchpad.net/ubuntu/+source/nginx/1.22.0-1ubuntu1.1 https://launchpad.net/ubuntu/+source/nginx/1.18.0-6ubuntu14.3 https://launchpad.net/ubuntu/+source/nginx/1.18.0-0ubuntu1.4 https://launchpad.net/ubuntu/+source/nginx/1.14.0-0ubuntu1.11

Trust: 1.17

sources: NVD: CVE-2022-41741 // VULHUB: VHN-429567 // PACKETSTORM: 169909 // PACKETSTORM: 169833

AFFECTED PRODUCTS

vendor:	f5	model:	nginx	scope:	eq	version:	r1	Trust: 1.0
vendor:	f5	model:	nginx	scope:	eq	version:	1.23.1	Trust: 1.0
vendor:	f5	model:	nginx	scope:	gte	version:	r22	Trust: 1.0
vendor:	f5	model:	nginx ingress controller	scope:	lte	version:	1.12.4	Trust: 1.0
vendor:	f5	model:	nginx	scope:	lte	version:	1.22.0	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	11.0	Trust: 1.0
vendor:	f5	model:	nginx	scope:	eq	version:	r2	Trust: 1.0
vendor:	f5	model:	nginx ingress controller	scope:	lte	version:	2.4.0	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	10.0	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	35	Trust: 1.0
vendor:	f5	model:	nginx	scope:	lte	version:	r27	Trust: 1.0
vendor:	f5	model:	nginx	scope:	eq	version:	1.23.0	Trust: 1.0
vendor:	f5	model:	nginx ingress controller	scope:	gte	version:	1.9.0	Trust: 1.0
vendor:	f5	model:	nginx ingress controller	scope:	gte	version:	2.0.0	Trust: 1.0
vendor:	f5	model:	nginx	scope:	gte	version:	1.1.3	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	36	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	37	Trust: 1.0

sources: NVD: CVE-2022-41741

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-41741
value:	HIGH
Trust: 1.0
f5sirt@f5.com:	CVE-2022-41741
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-202210-1419
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2022-41741
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
f5sirt@f5.com:	CVE-2022-41741
baseSeverity:	HIGH
baseScore:	7.0
vectorString:	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.0
impactScore:	5.9
version:	3.1
Trust: 1.0

sources: CNNVD: CNNVD-202210-1419 // NVD: CVE-2022-41741 // NVD: CVE-2022-41741

PROBLEMTYPE DATA

problemtype:

CWE-787

Trust: 1.1

sources: VULHUB: VHN-429567 // NVD: CVE-2022-41741

THREAT TYPE

local

Trust: 0.7

sources: PACKETSTORM: 169833 // CNNVD: CNNVD-202210-1419

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202210-1419

PATCH

title:

F5 Nginx Buffer error vulnerability fix

url:

http://123.124.177.30/web/xxk/bdxqById.tag?id=237454

Trust: 0.6

sources: CNNVD: CNNVD-202210-1419

EXTERNAL IDS

db:	NVD	id:	CVE-2022-41741	Trust: 1.9
db:	PACKETSTORM	id:	169909	Trust: 0.8
db:	PACKETSTORM	id:	169833	Trust: 0.8
db:	CNNVD	id:	CNNVD-202210-1419	Trust: 0.7
db:	AUSCERT	id:	ESB-2022.5236	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.6109	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.5959	Trust: 0.6
db:	VULHUB	id:	VHN-429567	Trust: 0.1

sources: VULHUB: VHN-429567 // PACKETSTORM: 169909 // PACKETSTORM: 169833 // CNNVD: CNNVD-202210-1419 // NVD: CVE-2022-41741

REFERENCES

url:	https://security.netapp.com/advisory/ntap-20230120-0005/	Trust: 1.7
url:	https://www.debian.org/security/2022/dsa-5281	Trust: 1.7
url:	https://support.f5.com/csp/article/k81926432	Trust: 1.7
url:	https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html	Trust: 1.7
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/bprvya4fs34vwb4fefynad7z2lfcjvei/	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/fd6m3pvvko35wlaa7gldbs6teq26sm64/	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/wborrvg7vvxyoaiad64zhes2u2viukfq/	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/wborrvg7vvxyoaiad64zhes2u2viukfq/	Trust: 0.7
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/fd6m3pvvko35wlaa7gldbs6teq26sm64/	Trust: 0.7
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/bprvya4fs34vwb4fefynad7z2lfcjvei/	Trust: 0.7
url:	https://packetstormsecurity.com/files/169833/ubuntu-security-notice-usn-5722-1.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.5959	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2022-41741/	Trust: 0.6
url:	https://packetstormsecurity.com/files/169909/debian-security-advisory-5281-1.html	Trust: 0.6
url:	http-mp4-module-39638	Trust: 0.6
url:	https://vigilance.fr/vulnerability/nginx-two-vulnerabilities-via-ngx-	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.5236	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.6109	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2022-41741	Trust: 0.2
url:	https://security-tracker.debian.org/tracker/nginx	Trust: 0.1
url:	https://www.debian.org/security/	Trust: 0.1
url:	https://www.debian.org/security/faq	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-41742	Trust: 0.1
url:	https://ubuntu.com/security/notices/usn-5722-1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/nginx/1.14.0-0ubuntu1.11	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/nginx/1.18.0-6ubuntu14.3	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/nginx/1.18.0-0ubuntu1.4	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/nginx/1.22.0-1ubuntu1.1	Trust: 0.1

sources: VULHUB: VHN-429567 // PACKETSTORM: 169909 // PACKETSTORM: 169833 // CNNVD: CNNVD-202210-1419 // NVD: CVE-2022-41741

CREDITS

Debian

Trust: 0.1

sources: PACKETSTORM: 169909

SOURCES

db:	VULHUB	id:	VHN-429567
db:	PACKETSTORM	id:	169909
db:	PACKETSTORM	id:	169833
db:	CNNVD	id:	CNNVD-202210-1419
db:	NVD	id:	CVE-2022-41741

LAST UPDATE DATE

2024-08-14T13:05:16.820000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-429567	date:	2023-01-20T00:00:00
db:	CNNVD	id:	CNNVD-202210-1419	date:	2023-05-15T00:00:00
db:	NVD	id:	CVE-2022-41741	date:	2023-11-07T03:52:58.060

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-429567	date:	2022-10-19T00:00:00
db:	PACKETSTORM	id:	169909	date:	2022-11-16T16:11:49
db:	PACKETSTORM	id:	169833	date:	2022-11-15T16:38:50
db:	CNNVD	id:	CNNVD-202210-1419	date:	2022-10-19T00:00:00
db:	NVD	id:	CVE-2022-41741	date:	2022-10-19T22:15:12.647