nginx:1.24 security update
エラータID: AXSA:2026-1164:01
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage.
Security Fix(es):
* nginx: ngx_http_rewrite_module: code execution and denial of service (CVE-2026-9256)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2026-9256
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression (PCRE) captures (for example, ^/((.*))$) and a replacement string that references multiple such captures (for example, $1$2) in a redirect or arguments context. An unauthenticated attacker along with conditions beyond their control can exploit this vulnerability by sending crafted HTTP requests. This may cause a heap buffer overflow in the NGINX worker process leading to a restart. Additionally, attackers can execute code on systems with Address Space Layout Randomization (ASLR) disabled or when the attacker can bypass ASLR. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Modularity name: "nginx"
Stream name: "1.24"
Update packages.
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression (PCRE) captures (for example, ^/((.*))$) and a replacement string that references multiple such captures (for example, $1$2) in a redirect or arguments context. An unauthenticated attacker along with conditions beyond their control can exploit this vulnerability by sending crafted HTTP requests. This may cause a heap buffer overflow in the NGINX worker process leading to a restart. Additionally, attackers can execute code on systems with Address Space Layout Randomization (ASLR) disabled or when the attacker can bypass ASLR. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
N/A
SRPMS
- nginx-1.24.0-3.module+el8+1997+105d7bbb.2.ML.1.src.rpm
MD5: a7a246dab7ed6a265e535ef16495e6ea
SHA-256: 5bf907d4b390fd714e8d9cf5d55e168a769b92f83338139bba8a54250be62555
Size: 1.12 MB
Asianux Server 8 for x86_64
- nginx-1.24.0-3.module+el8+1997+105d7bbb.2.ML.1.x86_64.rpm
MD5: 89c5fbbb2cce54dec2d35a33a618dd2d
SHA-256: fd88740d4571b73e133cf2b26f2ea5ed30d87f9759b1d181aad48bcc5ea8c922
Size: 600.45 kB - nginx-all-modules-1.24.0-3.module+el8+1997+105d7bbb.2.ML.1.noarch.rpm
MD5: 59bde6d00fe480d2cf33be3d67bb5c0a
SHA-256: 1204b337b5aa937617cf39bb97d08d433d4c4b178a82efa3185ec8836dda7218
Size: 25.58 kB - nginx-debugsource-1.24.0-3.module+el8+1997+105d7bbb.2.ML.1.x86_64.rpm
MD5: 5984253dc724c1ab1e1ad1d343be8837
SHA-256: 12afcd6c5bba374bd61c3d71adb3f25e91cffd5e9c088b2824154ca3c1eb365e
Size: 697.89 kB - nginx-filesystem-1.24.0-3.module+el8+1997+105d7bbb.2.ML.1.noarch.rpm
MD5: c38f82773eb848a298411e1a1d6284c6
SHA-256: 4d316f1f1b69379d8f11b9a6004b72dcdc00c0fa4f8e6c284bb43f1d7555f019
Size: 26.55 kB - nginx-mod-devel-1.24.0-3.module+el8+1997+105d7bbb.2.ML.1.x86_64.rpm
MD5: f47e8a3aca868d00352087a3a84b5fc2
SHA-256: b48455316d882749dad00da06734f38031a8ff45a43ee7502d92c14787141a6a
Size: 967.07 kB - nginx-mod-http-image-filter-1.24.0-3.module+el8+1997+105d7bbb.2.ML.1.x86_64.rpm
MD5: 0d0b59866d3b638a008d2cb8a4a6ac25
SHA-256: 54e14960a70159637db960e362f7c6f66dbe146b8978d23571e6e74a5abd4f43
Size: 36.98 kB - nginx-mod-http-perl-1.24.0-3.module+el8+1997+105d7bbb.2.ML.1.x86_64.rpm
MD5: fded45c91bdc337b0221920dd4c1c499
SHA-256: 9ead2cd7dc8156c2d9d5edae78e05d05735ecad4e9179205c12d29a25c125f0a
Size: 48.75 kB - nginx-mod-http-xslt-filter-1.24.0-3.module+el8+1997+105d7bbb.2.ML.1.x86_64.rpm
MD5: 706d087d6c10b2c89668daaded823f8f
SHA-256: ba807a5df14b98b307b9eae968f528f860d5cb2f3fed783487fcfb463a4e4ac9
Size: 35.61 kB - nginx-mod-mail-1.24.0-3.module+el8+1997+105d7bbb.2.ML.1.x86_64.rpm
MD5: ffc967d26e774139d0718aabae530c94
SHA-256: 53b5ce525769422660e1bbcd077d08f426989cc7e7279c138bdf35b76c77fdf6
Size: 69.25 kB - nginx-mod-stream-1.24.0-3.module+el8+1997+105d7bbb.2.ML.1.x86_64.rpm
MD5: df1e0a9a9f01275482698b7307b80cc3
SHA-256: 401b29c7e3d26c6d8a72e20f3e2c8af79c442dcb2efc29c328876334a2c6b5ca
Size: 96.23 kB