nginx:1.26 security update

エラータID: AXSA:2026-457:01

リリース日: 
2026/04/19 Sunday - 12:39
題名: 
nginx:1.26 security update
影響のあるチャネル: 
MIRACLE LINUX 9 for x86_64
Severity: 
High
Description: 

以下項目について対処しました。

[Security Fix]
- NGINX の ngx_mail_auth_http_module モジュールには、NULL
ポインタデリファレンスの問題があるため、リモートの攻撃者により、
サービス拒否攻撃 (DoS) を可能とする脆弱性が存在します。
(CVE-2026-27651)

- NGINX の ngx_http_dav_module モジュールには、バッファオーバー
フローの問題があるため、リモートの攻撃者により、データ破壊、および
サービス拒否攻撃 (DoS) を可能とする脆弱性が存在します。
(CVE-2026-27654)

- NGINX の ngx_http_mp4_module モジュールには、メモリ領域の
範囲外アクセスの問題があるため、リモートの攻撃者により、巧妙に
細工された MP4 ファイルを介して、メモリ破壊、およびサービス拒否攻撃
(DoS) を可能とする脆弱性が存在します。(CVE-2026-27784)

- NGINX の ngx_http_mp4_module モジュールには、メモリ領域の
範囲外アクセスの問題があるため、ローカルの攻撃者により、巧妙に
細工された MP4 ファイルを介して、情報の漏洩、データ破壊、および
サービス拒否攻撃を可能とする脆弱性が存在します。(CVE-2026-32647)

Modularity name: nginx
Stream name: 1.26

解決策: 

パッケージをアップデートしてください。

CVE: 
CVE-2026-27651
When the ngx_mail_auth_http_module module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue may occur when (1) CRAM-MD5 or APOP authentication is enabled, and (2) the authentication server permits retry by returning the Auth-Wait response header. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2026-27654
NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names outside the document root. This issue affects NGINX Open Source and NGINX Plus when the configuration file uses DAV module MOVE or COPY methods, prefix location (nonregular expression location configuration), and alias directives. The integrity impact is constrained because the NGINX worker process user has low privileges and does not have access to the entire system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2026-27784
The 32-bit implementation of NGINX Open Source has a vulnerability in the ngx_http_mp4_module module, which might allow an attacker to over-read or over-write NGINX worker memory resulting in its termination, using a specially crafted MP4 file. The issue only affects 32-bit NGINX Open Source if it is built with the ngx_http_mp4_module module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted MP4 file with the ngx_http_mp4_module module. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2026-32647
NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affects NGINX Open Source and NGINX Plus if it is built with the ngx_http_mp4_module module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted MP4 file with the ngx_http_mp4_module module. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. nginx-1.26.3-2.module+el9+1139+c4d9bee6.1.src.rpm
    MD5: 9f9db697ce8808bfeba0f03d10164e98
    SHA-256: b13accf1f1d16600ab9df6657c52b625a2eed20c2265b91848e595d9f52108fe
    Size: 1.28 MB

Asianux Server 9 for x86_64
  1. nginx-1.26.3-2.module+el9+1139+c4d9bee6.1.x86_64.rpm
    MD5: 7370da9db4758ea80e07adfc7c354cbf
    SHA-256: 3fe6568e8a5a54abac829ac6818b53503729daeab2c4029e4ec434aa9d6e966a
    Size: 35.11 kB
  2. nginx-all-modules-1.26.3-2.module+el9+1139+c4d9bee6.1.noarch.rpm
    MD5: 06272273c4e7939a6f1c56087d1f67e6
    SHA-256: 298815eec459db595a9bcddc9def7e6cd73cacf875b0461773107e7d3258e948
    Size: 7.71 kB
  3. nginx-core-1.26.3-2.module+el9+1139+c4d9bee6.1.x86_64.rpm
    MD5: 687d75cd2e2542bffe4ec2e56c10bcaf
    SHA-256: 990f94ba821ab69ac6066ed73b99f79aa3631b983c2ce242604466b68362b4cd
    Size: 666.10 kB
  4. nginx-debugsource-1.26.3-2.module+el9+1139+c4d9bee6.1.x86_64.rpm
    MD5: 099090be873fe45c0d4da7e997c352fc
    SHA-256: 0e32e479319d28d528ec07ba3fbb70336ef10483b2f343c2cf98bfebe6a56da3
    Size: 700.53 kB
  5. nginx-filesystem-1.26.3-2.module+el9+1139+c4d9bee6.1.noarch.rpm
    MD5: 9c40fca65cc6ab9ca9e27c1dd2b84705
    SHA-256: 4d400c63d203cdd1759980ca12b740afde5ece0b966e94988e7a4c9d79ba0fca
    Size: 9.21 kB
  6. nginx-mod-devel-1.26.3-2.module+el9+1139+c4d9bee6.1.x86_64.rpm
    MD5: 1ab534370d49878ea36ebdf83cc00316
    SHA-256: 3ccaa561a819e6622d1100ff80d7c61c66d912237dd403360442c6eeb952dacf
    Size: 0.96 MB
  7. nginx-mod-http-image-filter-1.26.3-2.module+el9+1139+c4d9bee6.1.x86_64.rpm
    MD5: a799dfbb6b34a5238e6188c1eb4bd3d3
    SHA-256: e9f20b16676f1c906a191b93cdd587121252545113a982d8ae67432e9bf82fba
    Size: 19.34 kB
  8. nginx-mod-http-perl-1.26.3-2.module+el9+1139+c4d9bee6.1.x86_64.rpm
    MD5: 77a20089f72e3d6d898d108ce7dc95b4
    SHA-256: 357845c1d64e4d48153bdc7e5619a3107eed6122bfca109f252e69f7f52753da
    Size: 30.67 kB
  9. nginx-mod-http-xslt-filter-1.26.3-2.module+el9+1139+c4d9bee6.1.x86_64.rpm
    MD5: 551acef7836e4359f33684b0af5a5ebb
    SHA-256: 8119bd8952863402eff47165005d35059298515fc1cb1b5ce408b48bd3fc59c0
    Size: 18.11 kB
  10. nginx-mod-mail-1.26.3-2.module+el9+1139+c4d9bee6.1.x86_64.rpm
    MD5: 9acec00dff0195ac5efd9ae1bd1331d3
    SHA-256: 62a39a07d5e64ffba7e4de2742314d594a35105a36ad983088c22fbd61188259
    Size: 52.75 kB
  11. nginx-mod-stream-1.26.3-2.module+el9+1139+c4d9bee6.1.x86_64.rpm
    MD5: 88a6eb325ed6f4c14965088a5178b43a
    SHA-256: 52fecd79495588fdae92dcee959be337da5dc115332d496bb9549b196d5400d7
    Size: 84.43 kB