Zero Day in NGINX 1.31.0 Enables Remote Code Execution via Memory Pool Flaw

A newly disclosed zero day in NGINX 1.31.0 exploits memory pool handling to bypass ASLR and achieve remote code execution, with no patch yet available.

CSBadmin

How the Vulnerability Works

A critical zero-day remote code execution vulnerability, tracked as nginx-poolslip, has been discovered in NGINX version 1.31.0, the latest stable release of the widely used web server software. Security researchers from the Nebula Security team identified the flaw, which targets NGINX’s internal memory pool handling mechanism. The vulnerability allows an unauthenticated attacker to bypass Address Space Layout Randomization (ASLR), a core memory protection technique, and achieve full remote code execution on affected servers.

The discovery follows a recently patched vulnerability known as nginx-rift, which affected earlier NGINX versions. The researchers note that the patch for nginx-rift did not close the underlying attack surface that nginx-poolslip now exploits. Nebula Security has stated they will release a full technical writeup 30 days after an official patch becomes available.

Impact and Scope

NGINX powers an estimated 30 to 40 percent of all web servers globally, including high-traffic platforms, reverse proxies, load balancers, and API gateways. Because this zero day targets the latest NGINX release, organizations that urgently updated to patch the earlier nginx-rift vulnerability may now find themselves exposed to this new threat. At the time of publication, no official patch from the NGINX project has been released.

Source: Cyber Security News
