Red Hat Bugzilla – Full Text Bug Listing
|Summary:||CVE-2013-1740 nss: false start PR_Recv information disclosure security issue|
|Product:||[Other] Security Response||Reporter:||Ratul Gupta <ratulg>|
|Component:||vulnerability||Assignee:||Red Hat Product Security <security-response-team>|
|Status:||CLOSED ERRATA||QA Contact:|
|Version:||unspecified||CC:||emaldona, hkario, jkurik, kdudka, kengert, pfrields, rrelyea|
|Target Milestone:||---||Keywords:||Reopened, Security|
|Fixed In Version:||nss 3.15.4||Doc Type:||Bug Fix|
A flaw was found in the way TLS False Start was implemented in NSS. An attacker could use this flaw to potentially return unencrypted information from the server.
|Last Closed:||2014-09-17 23:03:55 EDT||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
|Bug Depends On:||1032472, 1054456, 1054457, 1101846, 1113849, 1113853|
|Bug Blocks:||1054104, 1063682|
Description Ratul Gupta 2014-01-15 12:02:25 EST
A security issue has been reported in NSS, which can be exploited by a malicious user to disclose certain information. The issue arises due to an error within the "ssl_Do1stHandshake()" function in lib/ssl/sslsecur.c, which can be exploited to potentially return unencrypted and unauthenticated data from PR_Recv. Successful exploitation requires false start to be enabled. The issue is said to be fixed in NSS 3.15.4. References: https://bugs.gentoo.org/show_bug.cgi?id=498172 https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15.4_release_notes Upstream bug: https://bugzilla.mozilla.org/show_bug.cgi?id=919877 Patch: https://bugzilla.mozilla.org/attachment.cgi?id=825813
Comment 1 Ratul Gupta 2014-01-15 12:06:47 EST
By default, NSS ships with false start disabled, for which the above patch works and was implemented in NSS 3.15.3.
Comment 4 Vincent Danen 2014-01-16 15:53:14 EST
The upstream bug noted actually has fixes from another upstream bug  which notes the actual upstream commit , however the next noted commit  may also be required.  https://bugzilla.mozilla.org/show_bug.cgi?id=713933  https://hg.mozilla.org/projects/nss/rev/1b9c43d28713  https://hg.mozilla.org/projects/nss/rev/f28426e944ae
Comment 5 Vincent Danen 2014-01-16 16:02:09 EST
According to this document, False Start has been implemented in NSS since 3.12.9: https://technotes.googlecode.com/git/falsestart.html I'm unable to find any corresponding note or changelog for nss to back it up, however.
Comment 7 Vincent Danen 2014-01-16 16:07:05 EST
Created nss tracking bugs for this issue: Affects: fedora-all [bug 1054456]
Comment 8 Elio Maldonado Batiz 2014-01-16 16:49:54 EST
(In reply to Vincent Danen from comment #5) > According to this document, False Start has been implemented in NSS since > 3.12.9: > > https://technotes.googlecode.com/git/falsestart.html > > I'm unable to find any corresponding note or changelog for nss to back it > up, however. Vincent, Looking at old cvs history (nss switched from cvs to mercurial last year) I see this commit ---------------------------- revision 1.39 date: 2010/07/30 03:00:16; author: wtc%google.com; state: Exp; lines: +12 -1 Bug 525092: Support TLS false start. The patch is contributed by Adam Langley of Google <email@example.com>. r=wtc. Modified Files: cmd/strsclnt/strsclnt.c cmd/tstclnt/tstclnt.c lib/ssl/ssl.h lib/ssl/ssl3con.c lib/ssl/ssl3gthr.c lib/ssl/sslimpl.h lib/ssl/sslsecur.c lib/ssl/sslsock.c tests/ssl/sslstress.txt ---------------- See https://bugzilla.mozilla.org/show_bug.cgi?id=525092 This may be what you are looking for. -Elio
Comment 10 Vincent Danen 2014-01-16 17:39:50 EST
(In reply to Elio Maldonado Batiz from comment #8) ... > See https://bugzilla.mozilla.org/show_bug.cgi?id=525092 > This may be what you are looking for. Thanks, Elio. That's exactly it. Last comment in that bug is: "Patch checked in on the NSS trunk (NSS 3.13) and NSS_3_12_BRANCH (NSS 3.12.8)." which is pretty close to the 3.12.9 version I had indicated. Thanks for that confirmation.
Comment 13 Fedora Update System 2014-01-21 00:50:04 EST
nss-3.15.4-1.fc20, nss-softokn-3.15.4-1.fc20, nss-util-3.15.4-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
Comment 18 Fedora Update System 2014-02-03 21:46:44 EST
nss-3.15.4-1.fc19, nss-softokn-3.15.4-1.fc19, nss-util-3.15.4-1.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
Comment 19 Huzaifa S. Sidhpurwala 2014-03-10 05:23:41 EDT
Comment 25 errata-xmlrpc 2014-07-22 14:00:23 EDT
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2014:0917 https://rhn.redhat.com/errata/RHSA-2014-0917.html
Comment 26 Martin Prpic 2014-07-28 07:37:01 EDT
IssueDescription: A flaw was found in the way TLS False Start was implemented in NSS. An attacker could use this flaw to potentially return unencrypted information from the server.