Hide Forgot
The following flaw was found in the nginx resolver: Use-after-free condition might occur during CNAME response processing. This problem allows an attacker who is able to trigger name resolution to cause worker process crash, or might have potential other impact. This issue affects nginx only if the "resolver" directive is used in a configuration file. The problems are fixed in nginx upstream versions 1.9.10 and 1.8.1. External References: http://mailman.nginx.org/pipermail/nginx-announce/2016/000169.html
Created nginx tracking bugs for this issue: Affects: fedora-all [bug 1302592]
Bug 1302589 comment 3 as few notes on how nginx resolver is used.
These upstream commits seem relevant to this issue: https://trac.nginx.org/nginx/changeset/f63dd04c158062d73fcb6aff59124910fa1fae75/nginx https://trac.nginx.org/nginx/changeset/838946300825379ccdd3acfb131cf66d6ae3cb85/nginx https://trac.nginx.org/nginx/changeset/5557bf31e25da68d5cda19dbc91d86f47430df1f/nginx https://trac.nginx.org/nginx/changeset/dac6eda40475f08b7372159d78dad1e13cd5bc7f/nginx
This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 7.2 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7.1 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat Software Collections for Red Hat Enterprise Linux 6 Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS Via RHSA-2016:1425 https://access.redhat.com/errata/RHSA-2016:1425