Bug 1380235

Summary: nss: remote DoS triggered by invalid key data
Product: [Other] Security Response Reporter: Jeremy Choi <jechoi>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED DUPLICATE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: dueno, emaldona, kdudka, kengert, nss-nspr-maint, osoukup, sardella, slawomir
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-11-14 07:26:34 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On:    
Bug Blocks: 1380228    

Description Jeremy Choi 2016-09-29 02:16:09 UTC 
It has been reported NSS servers can be remotely crashed by sending some invalid key data.

Based on the stack provided in the bug report, the reason for the crash seems to
be an omitted NULL check, where the implementation assumes that a parameter can
never be NULL (the latest version of NSS still has the same code).

In this particular scenario, the crashing function PK11_SignWithSymKey was
called from ssl3_ComputeRecordMACConstantTime.
Comment 3 Huzaifa S. Sidhpurwala 2016-11-14 07:26:34 UTC 

*** This bug has been marked as a duplicate of bug 1383883 ***