Maxim Dounin
2016-Jan-26 16:32 UTC
[nginx-announce] nginx security advisory (CVE-2016-0742, CVE-2016-0746, CVE-2016-0747)
Hello! Several problems in nginx resolver were identified, which might allow an attacker to cause worker process crash, or might have potential other impact: - Invalid pointer dereference might occur during DNS server response processing, allowing an attacker who is able to forge UDP packets from the DNS server to cause worker process crash (CVE-2016-0742). - Use-after-free condition might occur during CNAME response processing. This problem allows an attacker who is able to trigger name resolution to cause worker process crash, or might have potential other impact (CVE-2016-0746). - CNAME resolution was insufficiently limited, allowing an attacker who is able to trigger arbitrary name resolution to cause excessive resource consumption in worker processes (CVE-2016-0747). The problems affect nginx 0.6.18 - 1.9.9 if the "resolver" directive is used in a configuration file. The problems are fixed in nginx 1.9.10, 1.8.1. -- Maxim Dounin http://nginx.org/