csaf_opensuse - opensuse-su-2019:0195-1

opensuse-su-2019:0195-1

Vulnerability from csaf_opensuse

Published

2019-03-23 10:59

Modified

2019-03-23 10:59

Summary

Security update for nginx

Notes

Title of the patch

Security update for nginx

Description of the patch

This update for nginx fixes the following issues: nginx was updated to 1.14.2: - Bugfix: nginx could not be built on Fedora 28 Linux. - Bugfix: in handling of client addresses when using unix domain listen sockets to work with datagrams on Linux. - Change: the logging level of the 'http request', 'https proxy request', 'unsupported protocol', 'version too low', 'no suitable key share', and 'no suitable signature algorithm' SSL errors has been lowered from 'crit' to 'info'. - Bugfix: when using OpenSSL 1.1.0 or newer it was not possible to switch off 'ssl_prefer_server_ciphers' in a virtual server if it was switched on in the default server. - Bugfix: nginx could not be built with LibreSSL 2.8.0. - Bugfix: if nginx was built with OpenSSL 1.1.0 and used with OpenSSL 1.1.1, the TLS 1.3 protocol was always enabled. - Bugfix: sending a disk-buffered request body to a gRPC backend might fail. - Bugfix: connections with some gRPC backends might not be cached when using the 'keepalive' directive. - Bugfix: a segmentation fault might occur in a worker process if the ngx_http_mp4_module was used on 32-bit platforms. Changes with nginx 1.14.1: - Security: when using HTTP/2 a client might cause excessive memory consumption (CVE-2018-16843) and CPU usage (CVE-2018-16844). - Security: processing of a specially crafted mp4 file with the ngx_http_mp4_module might result in worker process memory disclosure (CVE-2018-16845). - Bugfix: working with gRPC backends might result in excessive memory consumption. Changes with nginx 1.13.12: - Bugfix: connections with gRPC backends might be closed unexpectedly when returning a large response. Changes with nginx 1.13.10 - Feature: the 'set' parameter of the 'include' SSI directive now allows writing arbitrary responses to a variable; the 'subrequest_output_buffer_size' directive defines maximum response size. - Feature: now nginx uses clock_gettime(CLOCK_MONOTONIC) if available, to avoid timeouts being incorrectly triggered on system time changes. - Feature: the 'escape=none' parameter of the 'log_format' directive. Thanks to Johannes Baiter and Calin Don. - Feature: the $ssl_preread_alpn_protocols variable in the ngx_stream_ssl_preread_module. - Feature: the ngx_http_grpc_module. - Bugfix: in memory allocation error handling in the 'geo' directive. - Bugfix: when using variables in the 'auth_basic_user_file' directive a null character might appear in logs. Thanks to Vadim Filimonov.

Patchnames

openSUSE-2019-195

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for nginx",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for nginx fixes the following issues:\n\nnginx was updated to 1.14.2:\n\n- Bugfix: nginx could not be built on Fedora 28 Linux.\n- Bugfix: in handling of client addresses when using unix domain\n  listen sockets to work with datagrams on Linux.\n- Change: the logging level of the \u0027http request\u0027, \u0027https proxy\n  request\u0027, \u0027unsupported protocol\u0027, \u0027version too low\u0027,\n  \u0027no suitable key share\u0027, and \u0027no suitable signature algorithm\u0027\n  SSL errors has been lowered from \u0027crit\u0027 to \u0027info\u0027.\n- Bugfix: when using OpenSSL 1.1.0 or newer it was not possible\n  to switch off \u0027ssl_prefer_server_ciphers\u0027 in a virtual server\n  if it was switched on in the default server.\n- Bugfix: nginx could not be built with LibreSSL 2.8.0.\n- Bugfix: if nginx was built with OpenSSL 1.1.0 and used with\n  OpenSSL 1.1.1, the TLS 1.3 protocol was always enabled.\n- Bugfix: sending a disk-buffered request body to a gRPC backend\n  might fail.\n- Bugfix: connections with some gRPC backends might not be cached when\n  using the \u0027keepalive\u0027 directive.\n- Bugfix: a segmentation fault might occur in a worker process if the\n  ngx_http_mp4_module was used on 32-bit platforms.\n\nChanges with nginx 1.14.1:\n\n- Security: when using HTTP/2 a client might cause excessive memory\n  consumption (CVE-2018-16843) and CPU usage (CVE-2018-16844).\n- Security: processing of a specially crafted mp4 file with the\n  ngx_http_mp4_module might result in worker process memory disclosure\n  (CVE-2018-16845).\n- Bugfix: working with gRPC backends might result in excessive memory\n  consumption.\n\nChanges with nginx 1.13.12:\n\n- Bugfix: connections with gRPC backends might be closed unexpectedly\n  when returning a large response.\n\nChanges with nginx 1.13.10\n\n- Feature: the \u0027set\u0027 parameter of the \u0027include\u0027 SSI \n  directive now allows writing arbitrary responses to a\n  variable; the \u0027subrequest_output_buffer_size\u0027 directive\n  defines maximum response size.\n- Feature: now nginx uses clock_gettime(CLOCK_MONOTONIC) if available,\n  to avoid timeouts being incorrectly triggered on system time changes.\n- Feature: the \u0027escape=none\u0027 parameter of the \u0027log_format\u0027 directive.\n  Thanks to Johannes Baiter and Calin Don.\n- Feature: the $ssl_preread_alpn_protocols variable in the\n  ngx_stream_ssl_preread_module.\n- Feature: the ngx_http_grpc_module.\n- Bugfix: in memory allocation error handling in the \u0027geo\u0027 directive.\n- Bugfix: when using variables in the \u0027auth_basic_user_file\u0027 directive\n  a null character might appear in logs.\n  Thanks to Vadim Filimonov.\n\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-2019-195",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_0195-1.json"
      },
      {
        "category": "self",
        "summary": "URL for openSUSE-SU-2019:0195-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BANOBXLWHZASXZTGTJCX7HNMKYECPLOA/#BANOBXLWHZASXZTGTJCX7HNMKYECPLOA"
      },
      {
        "category": "self",
        "summary": "E-Mail link for openSUSE-SU-2019:0195-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BANOBXLWHZASXZTGTJCX7HNMKYECPLOA/#BANOBXLWHZASXZTGTJCX7HNMKYECPLOA"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1115015",
        "url": "https://bugzilla.suse.com/1115015"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1115022",
        "url": "https://bugzilla.suse.com/1115022"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1115025",
        "url": "https://bugzilla.suse.com/1115025"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-16843 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-16843/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-16844 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-16844/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-16845 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-16845/"
      }
    ],
    "title": "Security update for nginx",
    "tracking": {
      "current_release_date": "2019-03-23T10:59:22Z",
      "generator": {
        "date": "2019-03-23T10:59:22Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2019:0195-1",
      "initial_release_date": "2019-03-23T10:59:22Z",
      "revision_history": [
        {
          "date": "2019-03-23T10:59:22Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "nginx-1.14.2-16.1.aarch64",
                "product": {
                  "name": "nginx-1.14.2-16.1.aarch64",
                  "product_id": "nginx-1.14.2-16.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vim-plugin-nginx-1.14.2-16.1.noarch",
                "product": {
                  "name": "vim-plugin-nginx-1.14.2-16.1.noarch",
                  "product_id": "vim-plugin-nginx-1.14.2-16.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "nginx-1.14.2-16.1.ppc64le",
                "product": {
                  "name": "nginx-1.14.2-16.1.ppc64le",
                  "product_id": "nginx-1.14.2-16.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "nginx-1.14.2-16.1.s390x",
                "product": {
                  "name": "nginx-1.14.2-16.1.s390x",
                  "product_id": "nginx-1.14.2-16.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "nginx-1.14.2-16.1.x86_64",
                "product": {
                  "name": "nginx-1.14.2-16.1.x86_64",
                  "product_id": "nginx-1.14.2-16.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Package Hub 12",
                "product": {
                  "name": "SUSE Package Hub 12",
                  "product_id": "SUSE Package Hub 12",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:packagehub:12"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.0",
                "product": {
                  "name": "openSUSE Leap 15.0",
                  "product_id": "openSUSE Leap 15.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nginx-1.14.2-16.1.aarch64 as component of SUSE Package Hub 12",
          "product_id": "SUSE Package Hub 12:nginx-1.14.2-16.1.aarch64"
        },
        "product_reference": "nginx-1.14.2-16.1.aarch64",
        "relates_to_product_reference": "SUSE Package Hub 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nginx-1.14.2-16.1.ppc64le as component of SUSE Package Hub 12",
          "product_id": "SUSE Package Hub 12:nginx-1.14.2-16.1.ppc64le"
        },
        "product_reference": "nginx-1.14.2-16.1.ppc64le",
        "relates_to_product_reference": "SUSE Package Hub 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nginx-1.14.2-16.1.s390x as component of SUSE Package Hub 12",
          "product_id": "SUSE Package Hub 12:nginx-1.14.2-16.1.s390x"
        },
        "product_reference": "nginx-1.14.2-16.1.s390x",
        "relates_to_product_reference": "SUSE Package Hub 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nginx-1.14.2-16.1.x86_64 as component of SUSE Package Hub 12",
          "product_id": "SUSE Package Hub 12:nginx-1.14.2-16.1.x86_64"
        },
        "product_reference": "nginx-1.14.2-16.1.x86_64",
        "relates_to_product_reference": "SUSE Package Hub 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-plugin-nginx-1.14.2-16.1.noarch as component of SUSE Package Hub 12",
          "product_id": "SUSE Package Hub 12:vim-plugin-nginx-1.14.2-16.1.noarch"
        },
        "product_reference": "vim-plugin-nginx-1.14.2-16.1.noarch",
        "relates_to_product_reference": "SUSE Package Hub 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nginx-1.14.2-16.1.aarch64 as component of openSUSE Leap 15.0",
          "product_id": "openSUSE Leap 15.0:nginx-1.14.2-16.1.aarch64"
        },
        "product_reference": "nginx-1.14.2-16.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nginx-1.14.2-16.1.ppc64le as component of openSUSE Leap 15.0",
          "product_id": "openSUSE Leap 15.0:nginx-1.14.2-16.1.ppc64le"
        },
        "product_reference": "nginx-1.14.2-16.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nginx-1.14.2-16.1.s390x as component of openSUSE Leap 15.0",
          "product_id": "openSUSE Leap 15.0:nginx-1.14.2-16.1.s390x"
        },
        "product_reference": "nginx-1.14.2-16.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nginx-1.14.2-16.1.x86_64 as component of openSUSE Leap 15.0",
          "product_id": "openSUSE Leap 15.0:nginx-1.14.2-16.1.x86_64"
        },
        "product_reference": "nginx-1.14.2-16.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "vim-plugin-nginx-1.14.2-16.1.noarch as component of openSUSE Leap 15.0",
          "product_id": "openSUSE Leap 15.0:vim-plugin-nginx-1.14.2-16.1.noarch"
        },
        "product_reference": "vim-plugin-nginx-1.14.2-16.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-16843",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-16843"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the \u0027http2\u0027 option of the \u0027listen\u0027 directive is used in a configuration file.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 12:nginx-1.14.2-16.1.aarch64",
          "SUSE Package Hub 12:nginx-1.14.2-16.1.ppc64le",
          "SUSE Package Hub 12:nginx-1.14.2-16.1.s390x",
          "SUSE Package Hub 12:nginx-1.14.2-16.1.x86_64",
          "SUSE Package Hub 12:vim-plugin-nginx-1.14.2-16.1.noarch",
          "openSUSE Leap 15.0:nginx-1.14.2-16.1.aarch64",
          "openSUSE Leap 15.0:nginx-1.14.2-16.1.ppc64le",
          "openSUSE Leap 15.0:nginx-1.14.2-16.1.s390x",
          "openSUSE Leap 15.0:nginx-1.14.2-16.1.x86_64",
          "openSUSE Leap 15.0:vim-plugin-nginx-1.14.2-16.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-16843",
          "url": "https://www.suse.com/security/cve/CVE-2018-16843"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115022 for CVE-2018-16843",
          "url": "https://bugzilla.suse.com/1115022"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115025 for CVE-2018-16843",
          "url": "https://bugzilla.suse.com/1115025"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 12:nginx-1.14.2-16.1.aarch64",
            "SUSE Package Hub 12:nginx-1.14.2-16.1.ppc64le",
            "SUSE Package Hub 12:nginx-1.14.2-16.1.s390x",
            "SUSE Package Hub 12:nginx-1.14.2-16.1.x86_64",
            "SUSE Package Hub 12:vim-plugin-nginx-1.14.2-16.1.noarch",
            "openSUSE Leap 15.0:nginx-1.14.2-16.1.aarch64",
            "openSUSE Leap 15.0:nginx-1.14.2-16.1.ppc64le",
            "openSUSE Leap 15.0:nginx-1.14.2-16.1.s390x",
            "openSUSE Leap 15.0:nginx-1.14.2-16.1.x86_64",
            "openSUSE Leap 15.0:vim-plugin-nginx-1.14.2-16.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "SUSE Package Hub 12:nginx-1.14.2-16.1.aarch64",
            "SUSE Package Hub 12:nginx-1.14.2-16.1.ppc64le",
            "SUSE Package Hub 12:nginx-1.14.2-16.1.s390x",
            "SUSE Package Hub 12:nginx-1.14.2-16.1.x86_64",
            "SUSE Package Hub 12:vim-plugin-nginx-1.14.2-16.1.noarch",
            "openSUSE Leap 15.0:nginx-1.14.2-16.1.aarch64",
            "openSUSE Leap 15.0:nginx-1.14.2-16.1.ppc64le",
            "openSUSE Leap 15.0:nginx-1.14.2-16.1.s390x",
            "openSUSE Leap 15.0:nginx-1.14.2-16.1.x86_64",
            "openSUSE Leap 15.0:vim-plugin-nginx-1.14.2-16.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2019-03-23T10:59:22Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-16843"
    },
    {
      "cve": "CVE-2018-16844",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-16844"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the \u0027http2\u0027 option of the \u0027listen\u0027 directive is used in a configuration file.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 12:nginx-1.14.2-16.1.aarch64",
          "SUSE Package Hub 12:nginx-1.14.2-16.1.ppc64le",
          "SUSE Package Hub 12:nginx-1.14.2-16.1.s390x",
          "SUSE Package Hub 12:nginx-1.14.2-16.1.x86_64",
          "SUSE Package Hub 12:vim-plugin-nginx-1.14.2-16.1.noarch",
          "openSUSE Leap 15.0:nginx-1.14.2-16.1.aarch64",
          "openSUSE Leap 15.0:nginx-1.14.2-16.1.ppc64le",
          "openSUSE Leap 15.0:nginx-1.14.2-16.1.s390x",
          "openSUSE Leap 15.0:nginx-1.14.2-16.1.x86_64",
          "openSUSE Leap 15.0:vim-plugin-nginx-1.14.2-16.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-16844",
          "url": "https://www.suse.com/security/cve/CVE-2018-16844"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115022 for CVE-2018-16844",
          "url": "https://bugzilla.suse.com/1115022"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115025 for CVE-2018-16844",
          "url": "https://bugzilla.suse.com/1115025"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 12:nginx-1.14.2-16.1.aarch64",
            "SUSE Package Hub 12:nginx-1.14.2-16.1.ppc64le",
            "SUSE Package Hub 12:nginx-1.14.2-16.1.s390x",
            "SUSE Package Hub 12:nginx-1.14.2-16.1.x86_64",
            "SUSE Package Hub 12:vim-plugin-nginx-1.14.2-16.1.noarch",
            "openSUSE Leap 15.0:nginx-1.14.2-16.1.aarch64",
            "openSUSE Leap 15.0:nginx-1.14.2-16.1.ppc64le",
            "openSUSE Leap 15.0:nginx-1.14.2-16.1.s390x",
            "openSUSE Leap 15.0:nginx-1.14.2-16.1.x86_64",
            "openSUSE Leap 15.0:vim-plugin-nginx-1.14.2-16.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "SUSE Package Hub 12:nginx-1.14.2-16.1.aarch64",
            "SUSE Package Hub 12:nginx-1.14.2-16.1.ppc64le",
            "SUSE Package Hub 12:nginx-1.14.2-16.1.s390x",
            "SUSE Package Hub 12:nginx-1.14.2-16.1.x86_64",
            "SUSE Package Hub 12:vim-plugin-nginx-1.14.2-16.1.noarch",
            "openSUSE Leap 15.0:nginx-1.14.2-16.1.aarch64",
            "openSUSE Leap 15.0:nginx-1.14.2-16.1.ppc64le",
            "openSUSE Leap 15.0:nginx-1.14.2-16.1.s390x",
            "openSUSE Leap 15.0:nginx-1.14.2-16.1.x86_64",
            "openSUSE Leap 15.0:vim-plugin-nginx-1.14.2-16.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2019-03-23T10:59:22Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-16844"
    },
    {
      "cve": "CVE-2018-16845",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-16845"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. The issue only affects nginx if it is built with the ngx_http_mp4_module (the module is not built by default) and the .mp4. directive is used in the configuration file. Further, the attack is only possible if an attacker is able to trigger processing of a specially crafted mp4 file with the ngx_http_mp4_module.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 12:nginx-1.14.2-16.1.aarch64",
          "SUSE Package Hub 12:nginx-1.14.2-16.1.ppc64le",
          "SUSE Package Hub 12:nginx-1.14.2-16.1.s390x",
          "SUSE Package Hub 12:nginx-1.14.2-16.1.x86_64",
          "SUSE Package Hub 12:vim-plugin-nginx-1.14.2-16.1.noarch",
          "openSUSE Leap 15.0:nginx-1.14.2-16.1.aarch64",
          "openSUSE Leap 15.0:nginx-1.14.2-16.1.ppc64le",
          "openSUSE Leap 15.0:nginx-1.14.2-16.1.s390x",
          "openSUSE Leap 15.0:nginx-1.14.2-16.1.x86_64",
          "openSUSE Leap 15.0:vim-plugin-nginx-1.14.2-16.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-16845",
          "url": "https://www.suse.com/security/cve/CVE-2018-16845"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115015 for CVE-2018-16845",
          "url": "https://bugzilla.suse.com/1115015"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 12:nginx-1.14.2-16.1.aarch64",
            "SUSE Package Hub 12:nginx-1.14.2-16.1.ppc64le",
            "SUSE Package Hub 12:nginx-1.14.2-16.1.s390x",
            "SUSE Package Hub 12:nginx-1.14.2-16.1.x86_64",
            "SUSE Package Hub 12:vim-plugin-nginx-1.14.2-16.1.noarch",
            "openSUSE Leap 15.0:nginx-1.14.2-16.1.aarch64",
            "openSUSE Leap 15.0:nginx-1.14.2-16.1.ppc64le",
            "openSUSE Leap 15.0:nginx-1.14.2-16.1.s390x",
            "openSUSE Leap 15.0:nginx-1.14.2-16.1.x86_64",
            "openSUSE Leap 15.0:vim-plugin-nginx-1.14.2-16.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Package Hub 12:nginx-1.14.2-16.1.aarch64",
            "SUSE Package Hub 12:nginx-1.14.2-16.1.ppc64le",
            "SUSE Package Hub 12:nginx-1.14.2-16.1.s390x",
            "SUSE Package Hub 12:nginx-1.14.2-16.1.x86_64",
            "SUSE Package Hub 12:vim-plugin-nginx-1.14.2-16.1.noarch",
            "openSUSE Leap 15.0:nginx-1.14.2-16.1.aarch64",
            "openSUSE Leap 15.0:nginx-1.14.2-16.1.ppc64le",
            "openSUSE Leap 15.0:nginx-1.14.2-16.1.s390x",
            "openSUSE Leap 15.0:nginx-1.14.2-16.1.x86_64",
            "openSUSE Leap 15.0:vim-plugin-nginx-1.14.2-16.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2019-03-23T10:59:22Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-16845"
    }
  ]
}

CVE-2018-16845 (GCVE-0-2018-16845)

Vulnerability from cvelistv5

Published

2018-11-07 14:00

Modified

2024-08-05 10:32

Severity ?

8.2 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

CWE

CWE-400

Summary

nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. The issue only affects nginx if it is built with the ngx_http_mp4_module (the module is not built by default) and the .mp4. directive is used in the configuration file. Further, the attack is only possible if an attacker is able to trigger processing of a specially crafted mp4 file with the ngx_http_mp4_module.

References

►

URL

Tags

	https://www.debian.org/security/2018/dsa-4335	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/errata/RHSA-2018:3680	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:3681	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/105868	vdb-entry, x_refsource_BID
	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16845	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1042039	vdb-entry, x_refsource_SECTRACK
	https://lists.debian.org/debian-lts-announce/2018/11/msg00010.html	mailing-list, x_refsource_MLIST
	https://access.redhat.com/errata/RHSA-2018:3653	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:3652	vendor-advisory, x_refsource_REDHAT
	https://usn.ubuntu.com/3812-1/	vendor-advisory, x_refsource_UBUNTU
	http://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html	x_refsource_MISC
	http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00035.html	vendor-advisory, x_refsource_SUSE
	https://support.apple.com/kb/HT212818	x_refsource_CONFIRM
	http://seclists.org/fulldisclosure/2021/Sep/36	mailing-list, x_refsource_FULLDISC

Impacted products

	Vendor	Product	Version
	[UNKNOWN]	nginx	Version: 1.15.6 Version: 1.14.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T10:32:54.012Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-4335",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4335"
          },
          {
            "name": "RHSA-2018:3680",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3680"
          },
          {
            "name": "RHSA-2018:3681",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3681"
          },
          {
            "name": "105868",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105868"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16845"
          },
          {
            "name": "1042039",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1042039"
          },
          {
            "name": "[debian-lts-announce] 20181108 [SECURITY] [DLA 1572-1] nginx security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00010.html"
          },
          {
            "name": "RHSA-2018:3653",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3653"
          },
          {
            "name": "RHSA-2018:3652",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3652"
          },
          {
            "name": "USN-3812-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3812-1/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html"
          },
          {
            "name": "openSUSE-SU-2019:2120",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00035.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT212818"
          },
          {
            "name": "20210921 APPLE-SA-2021-09-20-4 Xcode 13",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2021/Sep/36"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "nginx",
          "vendor": "[UNKNOWN]",
          "versions": [
            {
              "status": "affected",
              "version": "1.15.6"
            },
            {
              "status": "affected",
              "version": "1.14.1"
            }
          ]
        }
      ],
      "datePublic": "2018-11-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. The issue only affects nginx if it is built with the ngx_http_mp4_module (the module is not built by default) and the .mp4. directive is used in the configuration file. Further, the attack is only possible if an attacker is able to trigger processing of a specially crafted mp4 file with the ngx_http_mp4_module."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-21T23:07:09",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "DSA-4335",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4335"
        },
        {
          "name": "RHSA-2018:3680",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3680"
        },
        {
          "name": "RHSA-2018:3681",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3681"
        },
        {
          "name": "105868",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105868"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16845"
        },
        {
          "name": "1042039",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1042039"
        },
        {
          "name": "[debian-lts-announce] 20181108 [SECURITY] [DLA 1572-1] nginx security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00010.html"
        },
        {
          "name": "RHSA-2018:3653",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3653"
        },
        {
          "name": "RHSA-2018:3652",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3652"
        },
        {
          "name": "USN-3812-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3812-1/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html"
        },
        {
          "name": "openSUSE-SU-2019:2120",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00035.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT212818"
        },
        {
          "name": "20210921 APPLE-SA-2021-09-20-4 Xcode 13",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2021/Sep/36"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2018-16845",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "nginx",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "1.15.6"
                          },
                          {
                            "version_value": "1.14.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "[UNKNOWN]"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. The issue only affects nginx if it is built with the ngx_http_mp4_module (the module is not built by default) and the .mp4. directive is used in the configuration file. Further, the attack is only possible if an attacker is able to trigger processing of a specially crafted mp4 file with the ngx_http_mp4_module."
            }
          ]
        },
        "impact": {
          "cvss": [
            [
              {
                "vectorString": "8.2/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
                "version": "3.0"
              }
            ]
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-4335",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4335"
            },
            {
              "name": "RHSA-2018:3680",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3680"
            },
            {
              "name": "RHSA-2018:3681",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3681"
            },
            {
              "name": "105868",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105868"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16845",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16845"
            },
            {
              "name": "1042039",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1042039"
            },
            {
              "name": "[debian-lts-announce] 20181108 [SECURITY] [DLA 1572-1] nginx security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00010.html"
            },
            {
              "name": "RHSA-2018:3653",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3653"
            },
            {
              "name": "RHSA-2018:3652",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3652"
            },
            {
              "name": "USN-3812-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3812-1/"
            },
            {
              "name": "http://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html",
              "refsource": "MISC",
              "url": "http://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html"
            },
            {
              "name": "openSUSE-SU-2019:2120",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00035.html"
            },
            {
              "name": "https://support.apple.com/kb/HT212818",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT212818"
            },
            {
              "name": "20210921 APPLE-SA-2021-09-20-4 Xcode 13",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2021/Sep/36"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2018-16845",
    "datePublished": "2018-11-07T14:00:00",
    "dateReserved": "2018-09-11T00:00:00",
    "dateUpdated": "2024-08-05T10:32:54.012Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-16843 (GCVE-0-2018-16843)

Vulnerability from cvelistv5

Published

2018-11-07 14:00

Modified

2024-08-05 10:32

Severity ?

5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE

CWE-400

Summary

nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option of the 'listen' directive is used in a configuration file.

References

►

URL

Tags

	https://www.debian.org/security/2018/dsa-4335	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/errata/RHSA-2018:3680	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:3681	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/105868	vdb-entry, x_refsource_BID
	http://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html	x_refsource_MISC
	http://www.securitytracker.com/id/1042038	vdb-entry, x_refsource_SECTRACK
	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16843	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2018:3653	vendor-advisory, x_refsource_REDHAT
	https://usn.ubuntu.com/3812-1/	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00035.html	vendor-advisory, x_refsource_SUSE
	https://support.apple.com/kb/HT212818	x_refsource_CONFIRM
	http://seclists.org/fulldisclosure/2021/Sep/36	mailing-list, x_refsource_FULLDISC

Impacted products

	Vendor	Product	Version
	[UNKNOWN]	nginx	Version: 1.15.6 Version: 1.14.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T10:32:54.156Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-4335",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4335"
          },
          {
            "name": "RHSA-2018:3680",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3680"
          },
          {
            "name": "RHSA-2018:3681",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3681"
          },
          {
            "name": "105868",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105868"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html"
          },
          {
            "name": "1042038",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1042038"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16843"
          },
          {
            "name": "RHSA-2018:3653",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3653"
          },
          {
            "name": "USN-3812-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3812-1/"
          },
          {
            "name": "openSUSE-SU-2019:2120",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00035.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT212818"
          },
          {
            "name": "20210921 APPLE-SA-2021-09-20-4 Xcode 13",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2021/Sep/36"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "nginx",
          "vendor": "[UNKNOWN]",
          "versions": [
            {
              "status": "affected",
              "version": "1.15.6"
            },
            {
              "status": "affected",
              "version": "1.14.1"
            }
          ]
        }
      ],
      "datePublic": "2018-11-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the \u0027http2\u0027 option of the \u0027listen\u0027 directive is used in a configuration file."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-21T23:07:04",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "DSA-4335",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4335"
        },
        {
          "name": "RHSA-2018:3680",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3680"
        },
        {
          "name": "RHSA-2018:3681",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3681"
        },
        {
          "name": "105868",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105868"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html"
        },
        {
          "name": "1042038",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1042038"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16843"
        },
        {
          "name": "RHSA-2018:3653",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3653"
        },
        {
          "name": "USN-3812-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3812-1/"
        },
        {
          "name": "openSUSE-SU-2019:2120",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00035.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT212818"
        },
        {
          "name": "20210921 APPLE-SA-2021-09-20-4 Xcode 13",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2021/Sep/36"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2018-16843",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "nginx",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "1.15.6"
                          },
                          {
                            "version_value": "1.14.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "[UNKNOWN]"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the \u0027http2\u0027 option of the \u0027listen\u0027 directive is used in a configuration file."
            }
          ]
        },
        "impact": {
          "cvss": [
            [
              {
                "vectorString": "5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.0"
              }
            ]
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-4335",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4335"
            },
            {
              "name": "RHSA-2018:3680",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3680"
            },
            {
              "name": "RHSA-2018:3681",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3681"
            },
            {
              "name": "105868",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105868"
            },
            {
              "name": "http://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html",
              "refsource": "MISC",
              "url": "http://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html"
            },
            {
              "name": "1042038",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1042038"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16843",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16843"
            },
            {
              "name": "RHSA-2018:3653",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3653"
            },
            {
              "name": "USN-3812-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3812-1/"
            },
            {
              "name": "openSUSE-SU-2019:2120",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00035.html"
            },
            {
              "name": "https://support.apple.com/kb/HT212818",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT212818"
            },
            {
              "name": "20210921 APPLE-SA-2021-09-20-4 Xcode 13",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2021/Sep/36"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2018-16843",
    "datePublished": "2018-11-07T14:00:00",
    "dateReserved": "2018-09-11T00:00:00",
    "dateUpdated": "2024-08-05T10:32:54.156Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-16844 (GCVE-0-2018-16844)

Vulnerability from cvelistv5

Published

2018-11-07 14:00

Modified

2024-08-05 10:32

Severity ?

5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE

CWE-400

Summary

nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option of the 'listen' directive is used in a configuration file.

References

►

URL

Tags

	https://www.debian.org/security/2018/dsa-4335	vendor-advisory, x_refsource_DEBIAN
	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16844	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2018:3680	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:3681	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/105868	vdb-entry, x_refsource_BID
	http://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html	x_refsource_MISC
	http://www.securitytracker.com/id/1042038	vdb-entry, x_refsource_SECTRACK
	https://usn.ubuntu.com/3812-1/	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00035.html	vendor-advisory, x_refsource_SUSE
	https://support.apple.com/kb/HT212818	x_refsource_CONFIRM
	http://seclists.org/fulldisclosure/2021/Sep/36	mailing-list, x_refsource_FULLDISC

Impacted products

	Vendor	Product	Version
	[UNKNOWN]	nginx	Version: 1.15.6 Version: 1.14.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T10:32:54.086Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "DSA-4335",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4335"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16844"
          },
          {
            "name": "RHSA-2018:3680",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3680"
          },
          {
            "name": "RHSA-2018:3681",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:3681"
          },
          {
            "name": "105868",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105868"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html"
          },
          {
            "name": "1042038",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1042038"
          },
          {
            "name": "USN-3812-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3812-1/"
          },
          {
            "name": "openSUSE-SU-2019:2120",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00035.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT212818"
          },
          {
            "name": "20210921 APPLE-SA-2021-09-20-4 Xcode 13",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2021/Sep/36"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "nginx",
          "vendor": "[UNKNOWN]",
          "versions": [
            {
              "status": "affected",
              "version": "1.15.6"
            },
            {
              "status": "affected",
              "version": "1.14.1"
            }
          ]
        }
      ],
      "datePublic": "2018-11-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the \u0027http2\u0027 option of the \u0027listen\u0027 directive is used in a configuration file."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-21T23:06:54",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "DSA-4335",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4335"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16844"
        },
        {
          "name": "RHSA-2018:3680",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3680"
        },
        {
          "name": "RHSA-2018:3681",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:3681"
        },
        {
          "name": "105868",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105868"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html"
        },
        {
          "name": "1042038",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1042038"
        },
        {
          "name": "USN-3812-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3812-1/"
        },
        {
          "name": "openSUSE-SU-2019:2120",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00035.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT212818"
        },
        {
          "name": "20210921 APPLE-SA-2021-09-20-4 Xcode 13",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2021/Sep/36"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2018-16844",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "nginx",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "1.15.6"
                          },
                          {
                            "version_value": "1.14.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "[UNKNOWN]"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the \u0027http2\u0027 option of the \u0027listen\u0027 directive is used in a configuration file."
            }
          ]
        },
        "impact": {
          "cvss": [
            [
              {
                "vectorString": "5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.0"
              }
            ]
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-4335",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4335"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16844",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16844"
            },
            {
              "name": "RHSA-2018:3680",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3680"
            },
            {
              "name": "RHSA-2018:3681",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:3681"
            },
            {
              "name": "105868",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105868"
            },
            {
              "name": "http://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html",
              "refsource": "MISC",
              "url": "http://mailman.nginx.org/pipermail/nginx-announce/2018/000220.html"
            },
            {
              "name": "1042038",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1042038"
            },
            {
              "name": "USN-3812-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3812-1/"
            },
            {
              "name": "openSUSE-SU-2019:2120",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00035.html"
            },
            {
              "name": "https://support.apple.com/kb/HT212818",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT212818"
            },
            {
              "name": "20210921 APPLE-SA-2021-09-20-4 Xcode 13",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2021/Sep/36"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2018-16844",
    "datePublished": "2018-11-07T14:00:00",
    "dateReserved": "2018-09-11T00:00:00",
    "dateUpdated": "2024-08-05T10:32:54.086Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

opensuse-su-2019:0195-1

Vulnerability from csaf_opensuse

CVE-2018-16845 (GCVE-0-2018-16845)

Vulnerability from cvelistv5

CVE-2018-16843 (GCVE-0-2018-16843)

Vulnerability from cvelistv5

CVE-2018-16844 (GCVE-0-2018-16844)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature