Bug 2450791 (CVE-2026-27651)

Summary: CVE-2026-27651 NGINX: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security DevOps Team <prodsec-dev>
Status: NEW --- QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedKeywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: ---
Doc Text:
A flaw was found in NGINX, specifically within the ngx_mail_auth_http_module. When this module is enabled, and CRAM-MD5 or APOP authentication is active with an authentication server that permits retries, undisclosed requests can cause NGINX worker processes to terminate. This can lead to a Denial of Service (DoS), making the affected NGINX instance unavailable to legitimate users.
Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2450834, 2450837, 2450838, 2450839    
Bug Blocks:    

Description OSIDB Bzimport 2026-03-24 15:02:57 UTC
When the ngx_mail_auth_http_module module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue may occur when (1) CRAM-MD5 or APOP authentication is enabled, and (2) the authentication server permits retry by returning the Auth-Wait response header. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Comment 2 errata-xmlrpc 2026-04-07 18:36:51 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2026:6906 https://access.redhat.com/errata/RHSA-2026:6906

Comment 3 errata-xmlrpc 2026-04-07 20:37:41 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2026:6907 https://access.redhat.com/errata/RHSA-2026:6907

Comment 4 errata-xmlrpc 2026-04-07 21:36:20 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2026:6923 https://access.redhat.com/errata/RHSA-2026:6923

Comment 5 errata-xmlrpc 2026-04-08 08:02:31 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2026:7002 https://access.redhat.com/errata/RHSA-2026:7002

Comment 6 errata-xmlrpc 2026-04-09 18:53:47 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2026:7343 https://access.redhat.com/errata/RHSA-2026:7343

Comment 11 errata-xmlrpc 2026-05-05 08:35:54 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10.0 Extended Update Support

Via RHSA-2026:13634 https://access.redhat.com/errata/RHSA-2026:13634

Comment 12 errata-xmlrpc 2026-05-05 10:26:20 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.6 Extended Update Support

Via RHSA-2026:13680 https://access.redhat.com/errata/RHSA-2026:13680

Comment 13 errata-xmlrpc 2026-05-05 18:06:53 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2026:13839 https://access.redhat.com/errata/RHSA-2026:13839

Comment 14 errata-xmlrpc 2026-05-07 19:01:57 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions

Via RHSA-2026:14836 https://access.redhat.com/errata/RHSA-2026:14836

Comment 15 errata-xmlrpc 2026-05-11 08:07:23 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2026:15942 https://access.redhat.com/errata/RHSA-2026:15942

Comment 16 errata-xmlrpc 2026-05-11 08:42:18 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2026:15943 https://access.redhat.com/errata/RHSA-2026:15943

Comment 17 errata-xmlrpc 2026-05-11 09:33:20 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.6 Extended Update Support

Via RHSA-2026:15945 https://access.redhat.com/errata/RHSA-2026:15945

Comment 18 errata-xmlrpc 2026-05-11 10:49:45 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.6 Extended Update Support

Via RHSA-2026:15966 https://access.redhat.com/errata/RHSA-2026:15966