1380235 – nss: remote DoS triggered by invalid key data

Bug 1380235 - nss: remote DoS triggered by invalid key data

Summary: nss: remote DoS triggered by invalid key data

Keywords:
Status:	CLOSED DUPLICATE of bug 1383883
Alias:	None
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1380228
TreeView+	depends on / blocked

Reported:	2016-09-29 02:16 UTC by Jeremy Choi
Modified:	2021-06-03 15:18 UTC (History)
CC List:	8 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2016-11-14 07:26:34 UTC
Embargoed:

Attachments	(Terms of Use)

Description Jeremy Choi 2016-09-29 02:16:09 UTC

It has been reported NSS servers can be remotely crashed by sending some invalid key data.

Based on the stack provided in the bug report, the reason for the crash seems to
be an omitted NULL check, where the implementation assumes that a parameter can
never be NULL (the latest version of NSS still has the same code).

In this particular scenario, the crashing function PK11_SignWithSymKey was
called from ssl3_ComputeRecordMACConstantTime.

Comment 3 Huzaifa S. Sidhpurwala 2016-11-14 07:26:34 UTC


*** This bug has been marked as a duplicate of bug 1383883 ***

Note You need to log in before you can comment on or make changes to this bug.