nginx: Remote code execution

nginx: Remote code execution A vulnerability in nginx could lead to remote code execution. nginx 2021-05-26 2021-05-26 792087 remote 1.20.1 1.21.0 1.21.0

nginx is a robust, small, and high performance HTTP and reverse proxy server.

It was discovered that nginx did not properly handle DNS responses when “resolver” directive is used.

A remote attacker, able to provide DNS responses to a nginx instance, could cause the execution of arbitrary code with the privileges of the process or a Denial of Service condition.

There is no known workaround at this time.

All nginx users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=www-servers/nginx-1.20.1"

All nginx mainline users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose
      ">=www-servers/nginx-1.21.0:mainline"

CVE-2021-23017 whissi whissi