Security update for nginx

This update for nginx fixes the following issue CVE-2026-9256: heap buffer overflow in the ngxhttprewritemodule when using a configuration with overlapping captures bsc1266215. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

BIT-NGINX-2026-9256 NGINX ngx_http_rewrite_module vulnerability

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression PCRE captures for example, ^/.$ and a replacement string that references...

CVE-2026-45934

A flaw was found in the Linux kernel's btrfs filesystem. This issue occurs due to non-consecutive gaps in chunk allocation, leading to overlapping chunk maps. A local attacker could exploit this by triggering specific chunk allocation scenarios, potentially causing filesystem operations to abort...

CVE-2026-44321 free5GC: SMF UPI POST /upi/v1/upNodesLinks exits the SMF process on overlapping UE pools (unauthenticated, reachable Fatalf)

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's SMF mounts the UPI management route group without inbound OAuth2 middleware. The POST /upi/v1/upNodesLinks create-or-update handler accepts attacker-controlled JSON and passes it directly into...

CVE-2026-44321

The CVE concerns free5GC SMF (v4.2.x) where the UPI route group lacked inbound OAuth middleware, allowing an unauthenticated POST to /upi/v1/upNodesLinks to trigger a validation failure that calls Fatalf, terminating the entire SMF process. Specifically, an attacker-controlled JSON payload can tr...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the retryalignedread function in md/raid5, causing a soft lock. This vulnerability may lead to an...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the local overlap detection logic in netfilter’s nftsetrbtree. This logic skips the initial eleme...

CLSA-2026-1779789531 Fix CVE(s): CVE-2026-9256

SECURITY UPDATE: fix heap buffer overflow in ngxhttprewritemodule with overlapping captures - debian/patches/CVE-2026-9256.patch: fix heap buffer overflow in ngxhttprewritemodule with overlapping captures - CVE-2026-9256...

CLSA-2026-1779788913 Fix CVE(s): CVE-2026-9256

SECURITY UPDATE: fix heap buffer overflow in ngxhttprewritemodule with overlapping captures - debian/patches/CVE-2026-9256.patch: fix heap buffer overflow in ngxhttprewritemodule with overlapping captures - CVE-2026-9256...

nginx: Fix of CVE-2026-9256

CVE-2026-9256: fix heap buffer overflow with overlapping captures in ngxhttprewritemodule...

FreeBSD : nginx -- heap buffer overflow in ngx_http_rewrite_module (36a3131d-5600-11f1-b339-3497f65b111b)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 36a3131d-5600-11f1-b339-3497f65b111b advisory. The nginx developers report: A heap memory buffer overflow might occur in a worker process when using a...

CLSA-2026-1779712300 Fix CVE(s): CVE-2026-9256

SECURITY UPDATE: heap buffer overflow in ngxhttprewritemodule with overlapping captures - debian/patches/CVE-2026-9256.patch: fix heap buffer overflow in ngxhttpscriptregexstartcode when a rewrite replacement string with no variables has overlapping captures, by moving the per-capture length...

UBUNTU-CVE-2026-9256

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression PCRE captures for example, ^/.$ and a replacement string that references...

CVE-2026-9256

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression PCRE captures for example, ^/.$ and a replacement string that references...

EUVD-2026-31444

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression PCRE captures for example, ^/.$ and a replacement string that references...

nginx -- heap buffer overflow in ngx_http_rewrite_module

The nginx developers report: A heap memory buffer overflow might occur in a worker process when using a configuration with overlapping captures in ngxhttprewritemodule, potentially resulting in arbitrary code execution CVE-2026-9256...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/amd/display: Fixed overlapping copies within dmlcoremodeprogramming REASON &modelib-mp.Watermark and &locals-Watermark are the same address. memcpy may lead to unexpected behavior. SOLUTION memmove should be used instead...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: mmc: mmci: stm32: fixed the warning regarding overlapping mappings in the DMA API. Enabling the CONFIGDMAAPIDEBUGSG option results in the following warning: DMA-API: mmci-pl18x 48220000.mmc: cacheline tracking EEXIST; overlapping...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: crypto: qat – fix DMA transfer direction When CONFIGDMAAPIDEBUG is enabled, during the execution of the crypto self-test for QAT crypto algorithms, the function adddmaentry reports a warning indicating that overlapping mapping...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: stm32fmc2: avoid overlapping mappings on ECC buffer Avoid overlapping mappings by using a contiguous non-cacheable buffer. 4.077708 DMA-API: stm32fmc2nfc 48810000.nand-controller: cacheline tracking EEXIST;...