It was discovered that nginx incorrectly handled when multiple server blocks are configured to share the same IP address and port. An attacker could use this issue to use session resumption to bypass client certificate authentication requirements on these servers. This issue only affected Ubuntu 24.10.
A buffer overflow and a null pointer deref was fixed in nginx rtmp module (#LP 1977718). This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.
{ "availability": "No subscription required", "binaries": [ { "binary_version": "1.18.0-0ubuntu1.7", "binary_name": "libnginx-mod-http-auth-pam" }, { "binary_version": "1.18.0-0ubuntu1.7", "binary_name": "libnginx-mod-http-cache-purge" }, { "binary_version": "1.18.0-0ubuntu1.7", "binary_name": "libnginx-mod-http-dav-ext" }, { "binary_version": "1.18.0-0ubuntu1.7", "binary_name": "libnginx-mod-http-echo" }, { "binary_version": "1.18.0-0ubuntu1.7", "binary_name": "libnginx-mod-http-fancyindex" }, { "binary_version": "1.18.0-0ubuntu1.7", "binary_name": "libnginx-mod-http-geoip" }, { "binary_version": "1.18.0-0ubuntu1.7", "binary_name": "libnginx-mod-http-geoip2" }, { "binary_version": "1.18.0-0ubuntu1.7", "binary_name": "libnginx-mod-http-headers-more-filter" }, { "binary_version": "1.18.0-0ubuntu1.7", "binary_name": "libnginx-mod-http-image-filter" }, { "binary_version": "1.18.0-0ubuntu1.7", "binary_name": "libnginx-mod-http-lua" }, { "binary_version": "1.18.0-0ubuntu1.7", "binary_name": "libnginx-mod-http-ndk" }, { "binary_version": "1.18.0-0ubuntu1.7", "binary_name": "libnginx-mod-http-perl" }, { "binary_version": "1.18.0-0ubuntu1.7", "binary_name": "libnginx-mod-http-subs-filter" }, { "binary_version": "1.18.0-0ubuntu1.7", "binary_name": "libnginx-mod-http-uploadprogress" }, { "binary_version": "1.18.0-0ubuntu1.7", "binary_name": "libnginx-mod-http-upstream-fair" }, { "binary_version": "1.18.0-0ubuntu1.7", "binary_name": "libnginx-mod-http-xslt-filter" }, { "binary_version": "1.18.0-0ubuntu1.7", "binary_name": "libnginx-mod-mail" }, { "binary_version": "1.18.0-0ubuntu1.7", "binary_name": "libnginx-mod-nchan" }, { "binary_version": "1.18.0-0ubuntu1.7", "binary_name": "libnginx-mod-rtmp" }, { "binary_version": "1.18.0-0ubuntu1.7", "binary_name": "libnginx-mod-stream" }, { "binary_version": "1.18.0-0ubuntu1.7", "binary_name": "nginx" }, { "binary_version": "1.18.0-0ubuntu1.7", "binary_name": "nginx-common" }, { "binary_version": "1.18.0-0ubuntu1.7", "binary_name": "nginx-core" }, { "binary_version": "1.18.0-0ubuntu1.7", "binary_name": "nginx-extras" }, { "binary_version": "1.18.0-0ubuntu1.7", "binary_name": "nginx-full" }, { "binary_version": "1.18.0-0ubuntu1.7", "binary_name": "nginx-light" } ] }
{ "ecosystem": "Ubuntu:20.04:LTS", "cves": [ { "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "type": "CVSS_V4", "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2025-23419" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "1.18.0-6ubuntu14.6", "binary_name": "libnginx-mod-http-auth-pam" }, { "binary_version": "1.18.0-6ubuntu14.6", "binary_name": "libnginx-mod-http-cache-purge" }, { "binary_version": "1.18.0-6ubuntu14.6", "binary_name": "libnginx-mod-http-dav-ext" }, { "binary_version": "1.18.0-6ubuntu14.6", "binary_name": "libnginx-mod-http-echo" }, { "binary_version": "1.18.0-6ubuntu14.6", "binary_name": "libnginx-mod-http-fancyindex" }, { "binary_version": "1.18.0-6ubuntu14.6", "binary_name": "libnginx-mod-http-geoip" }, { "binary_version": "1.18.0-6ubuntu14.6", "binary_name": "libnginx-mod-http-geoip2" }, { "binary_version": "1.18.0-6ubuntu14.6", "binary_name": "libnginx-mod-http-headers-more-filter" }, { "binary_version": "1.18.0-6ubuntu14.6", "binary_name": "libnginx-mod-http-image-filter" }, { "binary_version": "1.18.0-6ubuntu14.6", "binary_name": "libnginx-mod-http-ndk" }, { "binary_version": "1.18.0-6ubuntu14.6", "binary_name": "libnginx-mod-http-perl" }, { "binary_version": "1.18.0-6ubuntu14.6", "binary_name": "libnginx-mod-http-subs-filter" }, { "binary_version": "1.18.0-6ubuntu14.6", "binary_name": "libnginx-mod-http-uploadprogress" }, { "binary_version": "1.18.0-6ubuntu14.6", "binary_name": "libnginx-mod-http-upstream-fair" }, { "binary_version": "1.18.0-6ubuntu14.6", "binary_name": "libnginx-mod-http-xslt-filter" }, { "binary_version": "1.18.0-6ubuntu14.6", "binary_name": "libnginx-mod-mail" }, { "binary_version": "1.18.0-6ubuntu14.6", "binary_name": "libnginx-mod-nchan" }, { "binary_version": "1.18.0-6ubuntu14.6", "binary_name": "libnginx-mod-rtmp" }, { "binary_version": "1.18.0-6ubuntu14.6", "binary_name": "libnginx-mod-stream" }, { "binary_version": "1.18.0-6ubuntu14.6", "binary_name": "libnginx-mod-stream-geoip" }, { "binary_version": "1.18.0-6ubuntu14.6", "binary_name": "libnginx-mod-stream-geoip2" }, { "binary_version": "1.18.0-6ubuntu14.6", "binary_name": "nginx" }, { "binary_version": "1.18.0-6ubuntu14.6", "binary_name": "nginx-common" }, { "binary_version": "1.18.0-6ubuntu14.6", "binary_name": "nginx-core" }, { "binary_version": "1.18.0-6ubuntu14.6", "binary_name": "nginx-extras" }, { "binary_version": "1.18.0-6ubuntu14.6", "binary_name": "nginx-full" }, { "binary_version": "1.18.0-6ubuntu14.6", "binary_name": "nginx-light" } ] }
{ "ecosystem": "Ubuntu:22.04:LTS", "cves": [ { "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "type": "CVSS_V4", "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2025-23419" } ] }