CVE-2021-23017: 
NGINX vulnerability analysis and mitigation

CVE-2021-23017 is a security vulnerability in nginx resolver identified in May 2021. The vulnerability affects nginx versions 0.6.18 through 1.20.0. This issue allows an attacker who can forge UDP packets from the DNS server to cause a 1-byte memory overwrite, potentially resulting in worker process crash or arbitrary code execution (Nginx Announce).

The vulnerability is classified as an off-by-one error (CWE-193) in the nginx resolver component. It has a CVSS v3.1 base score of 7.7 (High), with the vector string CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L. The issue only affects nginx if the 'resolver' directive is used in the configuration file (NVD).

A successful exploitation of this vulnerability could lead to worker process crash or potential arbitrary code execution. The vulnerability affects the confidentiality and integrity of the system with high impact, while having a low impact on availability (NVD).

The vulnerability was fixed in nginx versions 1.21.0 and 1.20.1. A patch was released to address the issue and is available at nginx.org. Organizations running affected versions should upgrade to the fixed versions (Nginx Announce).

Multiple vendors and organizations responded to this vulnerability. NetApp issued an advisory (NTAP-20210708-0006) for their affected products. Fedora released security updates for both Fedora 33 and 34 to address this vulnerability (Fedora Update).