*** This bug is a duplicate of bug 2155992 ***
https://bugs.launchpad.net/bugs/2155992
Public bug reported:
After the automatic security update to 1.24.0-2ubuntu7.10 (CVE-2026-49975,
installed ~06:20 today), all nginx worker processes immediately crash on the
first incoming request with double free or corruption (!prev) and free():
invalid next size (normal), exiting on signal 6 (SIGABRT) and signal 11
(SIGSEGV). The master process continuously respawns workers but they crash
again immediately, rendering nginx completely non-functional.
Downgrading to 1.24.0-2ubuntu7.9 resolves the issue immediately.
Steps to reproduce:
Run Ubuntu 24.04 LTS with nginx
Allow unattended-upgrades to install 1.24.0-2ubuntu7.10
Send any HTTP/2 request to nginx
Expected: nginx serves requests normally
Actual: worker processes crash in a loop with heap corruption errors
Workaround: Downgrade to 1.24.0-2ubuntu7.9
** Affects: nginx (Ubuntu)
Importance: Undecided
Status: New
** Attachment added: "log.txt"
https://bugs.launchpad.net/bugs/2156031/+attachment/5976362/+files/log.txt
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2156031
Title:
nginx 1.24.0-2ubuntu7.10 worker processes crash with heap corruption
on every request (regression from .9)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/2156031/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
