2388238 – (CVE-2025-53859) CVE-2025-53859 nginx: NGINX ngx_mail_smtp_module vulnerability

Bug 2388238 (CVE-2025-53859) - CVE-2025-53859 nginx: NGINX ngx_mail_smtp_module vulnerability

Summary: CVE-2025-53859 nginx: NGINX ngx_mail_smtp_module vulnerability

Keywords:
Status:	NEW
Alias:	CVE-2025-53859
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2388410 2388411
Blocks:
TreeView+	depends on / blocked

Reported:	2025-08-13 15:01 UTC by OSIDB Bzimport
Modified:	2025-08-14 14:31 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-08-13 15:01:36 UTC

NGINX Open Source and NGINX Plus have a vulnerability in the ngx_mail_smtp_module that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happens during the NGINX SMTP authentication process and requires the attacker to make preparations against the target system to extract the leaked data. The issue affects NGINX only if (1) it is built with the ngx_mail_smtp_module, (2) the smtp_auth directive is configured with method "none," and (3) the authentication server returns the "Auth-Wait" response header.




Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Note You need to log in before you can comment on or make changes to this bug.