CVE-2024-7347 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2024-7347 Interim 1 18 2026-03-05T02:57:00Z current 2024-08-14T23:17:11Z 2026-03-05T02:57:00Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2024-7347 NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngx_http_mp4_module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted mp4 file with the ngx_http_mp4_module. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-March/001002.html E-Mail link for RHSA-2025:3261 https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-April/001006.html E-Mail link for RHSA-2025:3262 https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-May/001286.html E-Mail link for RHSA-2025:7402 https://lists.suse.com/pipermail/sle-security-updates/2025-January/020233.html E-Mail link for SUSE-SU-2025:0282-1 https://lists.suse.com/pipermail/sle-security-updates/2025-January/020236.html E-Mail link for SUSE-SU-2025:0283-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings Container private-registry/harbor-nginx:1.21.5-2.15 Container private-registry/harbor-portal:1.1.0-1.1 Container suse/nginx:1.21-51.11 SUSE Liberty Linux 9 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS SUSE Linux Enterprise Module for Server Applications 15 SP5 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS SUSE Linux Enterprise Module for Server Applications 15 SP6 SUSE Linux Enterprise Module for Server Applications 15 SP7 SUSE Linux Enterprise Server 15 SP1-LTSS SUSE Linux Enterprise Server 15 SP2-LTSS SUSE Linux Enterprise Server 15 SP3-LTSS SUSE Linux Enterprise Server 15 SP4-LTSS SUSE Linux Enterprise Server 15 SP4-TERADATA SUSE Linux Enterprise Module for Server Applications 15 SP5 SUSE Linux Enterprise Server 15 SP5-LTSS SUSE Linux Enterprise Module for Server Applications 15 SP6 SUSE Linux Enterprise Module for Server Applications 15 SP7 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server 16.0 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SP4 SUSE Linux Enterprise Module for Server Applications 15 SP5 SUSE Linux Enterprise Server for SAP Applications 15 SP5 SUSE Linux Enterprise Module for Server Applications 15 SP6 SUSE Linux Enterprise Module for Server Applications 15 SP7 SUSE Manager Proxy 4.3 SUSE Manager Retail Branch Server 4.3 SUSE Manager Server 4.3 openSUSE Leap 15.5 openSUSE Leap 15.6 openSUSE Tumbleweed nginx nginx-1.21.5-150400.3.6.1 nginx-1.21.5-150600.10.3.1 nginx-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 nginx-1.27.1-1.1 nginx-1.27.2-160000.2.2 nginx-all-modules-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 nginx-core-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 nginx-filesystem-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 nginx-mod-devel-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 nginx-mod-http-image-filter-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 nginx-mod-http-perl-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 nginx-mod-http-xslt-filter-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 nginx-mod-mail-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 nginx-mod-stream-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 nginx-source nginx-source-1.21.5-150400.3.6.1 nginx-source-1.21.5-150600.10.3.1 nginx-source-1.27.1-1.1 nginx-source-1.27.2-160000.2.2 nginx-1.21.5-150600.10.3.1 as a component of Container private-registry/harbor-nginx:1.21.5-2.15 nginx-1.21.5-150600.10.3.1 as a component of Container private-registry/harbor-portal:1.1.0-1.1 nginx-1.21.5-150600.10.3.1 as a component of Container suse/nginx:1.21-51.11 nginx-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 as a component of SUSE Liberty Linux 9 nginx-all-modules-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 as a component of SUSE Liberty Linux 9 nginx-core-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 as a component of SUSE Liberty Linux 9 nginx-filesystem-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 as a component of SUSE Liberty Linux 9 nginx-mod-devel-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 as a component of SUSE Liberty Linux 9 nginx-mod-http-image-filter-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 as a component of SUSE Liberty Linux 9 nginx-mod-http-perl-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 as a component of SUSE Liberty Linux 9 nginx-mod-http-xslt-filter-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 as a component of SUSE Liberty Linux 9 nginx-mod-mail-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 as a component of SUSE Liberty Linux 9 nginx-mod-stream-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 as a component of SUSE Liberty Linux 9 nginx-1.21.5-150400.3.6.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS nginx-source-1.21.5-150400.3.6.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS nginx-1.21.5-150400.3.6.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS nginx-source-1.21.5-150400.3.6.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS nginx-1.21.5-150400.3.6.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS nginx-source-1.21.5-150400.3.6.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS nginx-1.21.5-150400.3.6.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS nginx-source-1.21.5-150400.3.6.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS nginx-1.21.5-150600.10.3.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP6 nginx-source-1.21.5-150600.10.3.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP6 nginx-1.21.5-150600.10.3.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP7 nginx-source-1.21.5-150600.10.3.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP7 nginx-1.21.5-150400.3.6.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS nginx-source-1.21.5-150400.3.6.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS nginx-1.21.5-150400.3.6.1 as a component of SUSE Linux Enterprise Server 15 SP4-TERADATA nginx-source-1.21.5-150400.3.6.1 as a component of SUSE Linux Enterprise Server 15 SP4-TERADATA nginx-1.21.5-150400.3.6.1 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS nginx-source-1.21.5-150400.3.6.1 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS nginx-1.27.2-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 nginx-source-1.27.2-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 nginx-1.21.5-150400.3.6.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 nginx-source-1.21.5-150400.3.6.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 nginx-1.21.5-150400.3.6.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 nginx-source-1.21.5-150400.3.6.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 nginx-1.21.5-150400.3.6.1 as a component of SUSE Manager Proxy 4.3 nginx-source-1.21.5-150400.3.6.1 as a component of SUSE Manager Proxy 4.3 nginx-1.21.5-150400.3.6.1 as a component of SUSE Manager Retail Branch Server 4.3 nginx-source-1.21.5-150400.3.6.1 as a component of SUSE Manager Retail Branch Server 4.3 nginx-1.21.5-150400.3.6.1 as a component of SUSE Manager Server 4.3 nginx-source-1.21.5-150400.3.6.1 as a component of SUSE Manager Server 4.3 nginx-1.21.5-150600.10.3.1 as a component of openSUSE Leap 15.6 nginx-source-1.21.5-150600.10.3.1 as a component of openSUSE Leap 15.6 nginx-1.27.1-1.1 as a component of openSUSE Tumbleweed nginx-source-1.27.1-1.1 as a component of openSUSE Tumbleweed nginx as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS nginx-source as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS nginx as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS nginx-source as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS nginx as a component of SUSE Linux Enterprise Module for Server Applications 15 SP5 nginx-source as a component of SUSE Linux Enterprise Module for Server Applications 15 SP5 nginx as a component of SUSE Linux Enterprise Server 15 SP1-LTSS nginx-source as a component of SUSE Linux Enterprise Server 15 SP1-LTSS nginx as a component of SUSE Linux Enterprise Server 15 SP2-LTSS nginx-source as a component of SUSE Linux Enterprise Server 15 SP2-LTSS nginx as a component of SUSE Linux Enterprise Server 15 SP3-LTSS nginx-source as a component of SUSE Linux Enterprise Server 15 SP3-LTSS nginx as a component of SUSE Linux Enterprise Server 15-LTSS nginx as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP2 nginx-source as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP2 nginx as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 nginx-source as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 nginx as a component of openSUSE Leap 15.5 nginx-source as a component of openSUSE Leap 15.5 NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngx_http_mp4_module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted mp4 file with the ngx_http_mp4_module. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. CVE-2024-7347 Container private-registry/harbor-nginx:1.21.5-2.15:nginx-1.21.5-150600.10.3.1 Container private-registry/harbor-portal:1.1.0-1.1:nginx-1.21.5-150600.10.3.1 Container suse/nginx:1.21-51.11:nginx-1.21.5-150600.10.3.1 SUSE Liberty Linux 9:nginx-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 SUSE Liberty Linux 9:nginx-all-modules-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 SUSE Liberty Linux 9:nginx-core-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 SUSE Liberty Linux 9:nginx-filesystem-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 SUSE Liberty Linux 9:nginx-mod-devel-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 SUSE Liberty Linux 9:nginx-mod-http-image-filter-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 SUSE Liberty Linux 9:nginx-mod-http-perl-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 SUSE Liberty Linux 9:nginx-mod-http-xslt-filter-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 SUSE Liberty Linux 9:nginx-mod-mail-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 SUSE Liberty Linux 9:nginx-mod-stream-1.24.0-4.module+el9.5.0+22954+e2d70a1c.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nginx-1.21.5-150400.3.6.1 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:nginx-source-1.21.5-150400.3.6.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nginx-1.21.5-150400.3.6.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:nginx-source-1.21.5-150400.3.6.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nginx-1.21.5-150400.3.6.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:nginx-source-1.21.5-150400.3.6.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nginx-1.21.5-150400.3.6.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:nginx-source-1.21.5-150400.3.6.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:nginx-1.21.5-150600.10.3.1 SUSE Linux Enterprise Module for Server Applications 15 SP6:nginx-source-1.21.5-150600.10.3.1 SUSE Linux Enterprise Module for Server Applications 15 SP7:nginx-1.21.5-150600.10.3.1 SUSE Linux Enterprise Module for Server Applications 15 SP7:nginx-source-1.21.5-150600.10.3.1 SUSE Linux Enterprise Server 15 SP4-LTSS:nginx-1.21.5-150400.3.6.1 SUSE Linux Enterprise Server 15 SP4-LTSS:nginx-source-1.21.5-150400.3.6.1 SUSE Linux Enterprise Server 15 SP4-TERADATA:nginx-1.21.5-150400.3.6.1 SUSE Linux Enterprise Server 15 SP4-TERADATA:nginx-source-1.21.5-150400.3.6.1 SUSE Linux Enterprise Server 15 SP5-LTSS:nginx-1.21.5-150400.3.6.1 SUSE Linux Enterprise Server 15 SP5-LTSS:nginx-source-1.21.5-150400.3.6.1 SUSE Linux Enterprise Server 16.0:nginx-1.27.2-160000.2.2 SUSE Linux Enterprise Server 16.0:nginx-source-1.27.2-160000.2.2 SUSE Linux Enterprise Server for SAP Applications 15 SP4:nginx-1.21.5-150400.3.6.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:nginx-source-1.21.5-150400.3.6.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:nginx-1.21.5-150400.3.6.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:nginx-source-1.21.5-150400.3.6.1 SUSE Manager Proxy 4.3:nginx-1.21.5-150400.3.6.1 SUSE Manager Proxy 4.3:nginx-source-1.21.5-150400.3.6.1 SUSE Manager Retail Branch Server 4.3:nginx-1.21.5-150400.3.6.1 SUSE Manager Retail Branch Server 4.3:nginx-source-1.21.5-150400.3.6.1 SUSE Manager Server 4.3:nginx-1.21.5-150400.3.6.1 SUSE Manager Server 4.3:nginx-source-1.21.5-150400.3.6.1 openSUSE Leap 15.6:nginx-1.21.5-150600.10.3.1 openSUSE Leap 15.6:nginx-source-1.21.5-150600.10.3.1 openSUSE Tumbleweed:nginx-1.27.1-1.1 openSUSE Tumbleweed:nginx-source-1.27.1-1.1 moderate 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L