Arch Linux Security Advisory ASA-201701-24 ========================================== Severity: High Date : 2017-01-15 CVE-ID : CVE-2016-1247 Package : nginx-mainline Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-139 Summary ======= The package nginx-mainline before version 1.11.8-2 is vulnerable to privilege escalation. Resolution ========== Upgrade to 1.11.8-2. # pacman -Syu "nginx-mainline>=1.11.8-2" The problem has been fixed upstream but no release is available yet. Workaround ========== None. Description =========== A symlink attack vulnerability was discovered in nginx. An attacker who could already run commands under the nginx user id could use this access to append data to files owned by root, potentially elevating their own privileges to root. Impact ====== A remote attacker who managed to compromise a web application is able to obtain root privileges on the affected host. References ========== https://bugs.archlinux.org/task/52547 https://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-... https://security.archlinux.org/CVE-2016-1247