Vulnerability announcement: NSS memory corruption vulnerability (CVE-2021-43527)

更新时间:
复制 MD 格式

Recently, Mozilla issued a security advisory regarding a buffer heap overflow in Network Security Services (NSS). This remote code execution vulnerability stems from how NSS validates certificates. An attacker can impersonate a TLS/SSL server to trigger a heap overflow in client applications compiled with NSS. A heap overflow can also be triggered in server applications compiled with NSS when processing client certificates.

Vulnerability details

  • Vulnerability ID: CVE-2021-43527

  • Vulnerability severity: High

  • Affected versions: NSS versions earlier than 3.73 or 3.68.1 ESR

Description

NSS (Network Security Services) is a set of libraries that support cross-platform development of secure client and server applications. It provides optional support for server-side hardware TLS/SSL acceleration and client-side smart cards.

NSS versions earlier than 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when processing DER-encoded DSA or RSA-PSS signatures. The following may be affected:

  • Applications that use NSS to process signatures encoded in CMS, S/MIME, PKCS #7, or PKCS #12.

  • Applications that use NSS for certificate validation or other TLS, X.509, OCSP, or CRL functions.

Note

You can run the curl -V command to check the default NSS version on your system.

Remediation

Check if your NSS version is earlier than 3.73 or 3.68.1 ESR by running the curl -V command. If it is, upgrade NSS to a secure version immediately. To apply the fix, run the following command:

yum clean all && yum install -y nss

References

CVE-2021-43527: Memory corruption via DER-encoded DSA and RSA-PSS signatures

Announcing party

Alibaba Cloud Computing Co., Ltd.