Debian update for nss
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2019-17006 CVE-2019-17023 CVE-2020-12399 CVE-2020-12402 |
| CWE-ID | CWE-122 CWE-757 CWE-362 CWE-310 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #3 is available. |
| Vulnerable software |
Debian Linux Operating systems & Components / Operating system nss (Debian package) Operating systems & Components / Operating system package or component |
| Vendor | Debian |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Heap-based buffer overflow
EUVDB-ID: #VU47197
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2019-17006
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Mozilla NSS library when processing input text length while using certain cryptographic primitives. A remote attacker can pass specially crafted data to the application, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate nss package to version 2:3.42.1-1+deb10u3.
Vulnerable software versionsDebian Linux: All versions
nss (Debian package): before 2:3.42.1-1+deb10u3
CPE2.3- cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*
- cpe:2.3:a:debian:nss_debian_package:*:*:*:*:*:debian_linux:*:*
https://www.debian.org/security/2020/dsa-4726
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Algorithm Downgrade
EUVDB-ID: #VU24061
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-17023
CWE-ID:
CWE-757 - Selection of Less-Secure Algorithm During Negotiat
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass certain security restrictions.
The vulnerability exists due to insecure negotiation After a HelloRetryRequest in Mozilla NSS that can lead to selection of a less secure protocol (e.g. TLS 1.2 or below) after the HelloRetryRequest TLS 1.3 is sent.
Update nss package to version 2:3.42.1-1+deb10u3.
Vulnerable software versionsDebian Linux: All versions
nss (Debian package): before 2:3.42.1-1+deb10u3
CPE2.3- cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*
- cpe:2.3:a:debian:nss_debian_package:*:*:*:*:*:debian_linux:*:*
https://www.debian.org/security/2020/dsa-4726
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Race condition
EUVDB-ID: #VU28522
Risk: Medium
CVSSv4.0: 6.9 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2020-12399
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to time differences in Mozilla NSS library during the process of generating a DSA signature, the nonce value 'k' is not padded, exposing the bit length. Combined with other techniques, this can result in the recovery of the DSA private key.
Update nss package to version 2:3.42.1-1+deb10u3.
Vulnerable software versionsDebian Linux: All versions
nss (Debian package): before 2:3.42.1-1+deb10u3
CPE2.3- cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*
- cpe:2.3:a:debian:nss_debian_package:*:*:*:*:*:debian_linux:*:*
https://www.debian.org/security/2020/dsa-4726
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
4) Cryptographic issues
EUVDB-ID: #VU29460
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-12402
CWE-ID:
CWE-310 - Cryptographic Issues
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to recover the secret primes.
During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secret primes.
MitigationUpdate nss package to version 2:3.42.1-1+deb10u3.
Vulnerable software versionsDebian Linux: All versions
nss (Debian package): before 2:3.42.1-1+deb10u3
CPE2.3- cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*
- cpe:2.3:a:debian:nss_debian_package:*:*:*:*:*:debian_linux:*:*
https://www.debian.org/security/2020/dsa-4726
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
