CVE-2017-5461
Description
Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by leveraging incorrect base64 operations.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Mitigation details
Description nss: Write beyond bounds caused by bugs in Base64 de/encoding in nssb64d.c and nssb64e.c (MFSA 2017-10) Red Hat statement The security flaw exists in NSS library Base64 encoder/decoder code. Any application which uses NSS library to parse base64 encoded data could possibly be affected by the flaw. For example: 1. Servers compiled against NSS which parse untrusted certificates or anyβ¦
Description
nss: Write beyond bounds caused by bugs in Base64 de/encoding in nssb64d.c and nssb64e.c (MFSA 2017-10)
Red Hat statement
The security flaw exists in NSS library Base64 encoder/decoder code. Any application which uses NSS library to parse base64 encoded data could possibly be affected by the flaw. For example: 1. Servers compiled against NSS which parse untrusted certificates or any other base64 encoded data from its users. 2. Utilities like curl etc which use NSS to parse user provided base64 encoded certificates. 3. Applications like Firefox which use NSS to parse client-certificates before passing them to the web server.
CVSS v3: 9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Errata / fixed releases
| Product | Package | Advisory | Released |
|---|---|---|---|
| Red Hat Enterprise Linux 5.9 Long Life | nss-0:3.14.3-11.el5_9 | RHSA-2017:1103 | 2017-04-20T00:00:00Z |
| Red Hat Enterprise Linux 5 Extended Lifecycle Support | nss-0:3.21.4-1.el5_11 | RHSA-2017:1101 | 2017-04-20T00:00:00Z |
| Red Hat Enterprise Linux 6 | nss-0:3.28.4-1.el6_9 | RHSA-2017:1100 | 2017-04-20T00:00:00Z |
| Red Hat Enterprise Linux 6 | nss-util-0:3.28.4-1.el6_9 | RHSA-2017:1100 | 2017-04-20T00:00:00Z |
| Red Hat Enterprise Linux 6.2 Advanced Update Support | nss-util-0:3.13.1-11.el6_2 | RHSA-2017:1102 | 2017-04-20T00:00:00Z |
| Red Hat Enterprise Linux 6.4 Advanced Update Support | nss-util-0:3.14.3-9.el6_4 | RHSA-2017:1102 | 2017-04-20T00:00:00Z |
| Red Hat Enterprise Linux 6.5 Advanced Update Support | nss-util-0:3.16.1-5.el6_5 | RHSA-2017:1102 | 2017-04-20T00:00:00Z |
| Red Hat Enterprise Linux 6.5 Telco Extended Update Support | nss-util-0:3.16.1-5.el6_5 | RHSA-2017:1102 | 2017-04-20T00:00:00Z |
| Red Hat Enterprise Linux 6.6 Advanced Update Support | nss-util-0:3.19.1-4.el6_6 | RHSA-2017:1102 | 2017-04-20T00:00:00Z |
| Red Hat Enterprise Linux 6.6 Telco Extended Update Support | nss-util-0:3.19.1-4.el6_6 | RHSA-2017:1102 | 2017-04-20T00:00:00Z |
| Red Hat Enterprise Linux 6.7 Extended Update Support | nss-util-0:3.21.4-1.el6_7 | RHSA-2017:1102 | 2017-04-20T00:00:00Z |
| Red Hat Enterprise Linux 7 | nss-0:3.28.4-1.0.el7_3 | RHSA-2017:1100 | 2017-04-20T00:00:00Z |
| Red Hat Enterprise Linux 7 | nss-util-0:3.28.4-1.0.el7_3 | RHSA-2017:1100 | 2017-04-20T00:00:00Z |
| Red Hat Enterprise Linux 7.2 Extended Update Support | nss-util-0:3.21.4-1.el7_2 | RHSA-2017:1102 | 2017-04-20T00:00:00Z |
Package state
| Product | Package | State |
|---|---|---|
| Red Hat Enterprise Linux 4 | nss | Affected |
Apply commands
yum update -y nss
# or:
dnf upgrade -y nssAffected
| Vendor | Product | Version |
|---|---|---|
| redhat | Red Hat Enterprise Linux 4 | Affected |
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| arch | fixed | 53.0-1 | |
| sles | affected | | |
| debian | sid | fixed | 52.0.1-1 |
| debian | bookworm | fixed | 45.9.0esr-1 |
| debian | bullseye | fixed | 45.9.0esr-1 |
| debian | forky | fixed | 45.9.0esr-1 |
| debian | trixie | fixed | 45.9.0esr-1 |
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| mozilla | network_security_services | {"endExcluding":"3.21.4"} | 3.21.4 |
References
- https://security.archlinux.org/ASA-201704-6
- https://security.archlinux.org/ASA-201705-21
- https://security.archlinux.org/ASA-201704-4
- http://www.debian.org/security/2017/dsa-3831
- http://www.debian.org/security/2017/dsa-3872
- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- http://www.securityfocus.com/bid/98050
- http://www.securitytracker.com/id/1038320
- https://access.redhat.com/errata/RHSA-2017:1100
- https://access.redhat.com/errata/RHSA-2017:1101
- https://access.redhat.com/errata/RHSA-2017:1102
- https://access.redhat.com/errata/RHSA-2017:1103
- https://bugzilla.mozilla.org/show_bug.cgi?id=1344380
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.4_release_notes
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.28.4_release_notes
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.29.5_release_notes
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.30.1_release_notes
- https://security.gentoo.org/glsa/201705-04
- https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/#CVE-2017-5461
- https://www.mozilla.org/en-US/security/advisories/mfsa2017-11/#CVE-2017-5461
- https://www.mozilla.org/en-US/security/advisories/mfsa2017-12/#CVE-2017-5461
- https://www.mozilla.org/en-US/security/advisories/mfsa2017-13/#CVE-2017-5461
- https://www.oracle.com//security-alerts/cpujul2021.html
- https://www.suse.com/security/cve/CVE-2017-5461.html
CWEs
CWE-787
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.