Bug 1446631 (CVE-2017-7502) - CVE-2017-7502 nss: Null pointer dereference when handling empty SSLv2 messages
Summary: CVE-2017-7502 nss: Null pointer dereference when handling empty SSLv2 messages
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2017-7502
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard: impact=important,public=20170530,repo...
: 1449161 1450763 (view as bug list)
Depends On: 1435017 1450750 1450751 1450752 1450753
Blocks: 1446634
TreeView+ depends on / blocked
 
Reported: 2017-04-28 13:10 UTC by Adam Mariš
Modified: 2019-06-08 21:58 UTC (History)
10 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A null pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library.
Clone Of:
Environment:
Last Closed: 2017-05-31 12:46:43 UTC


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2017:1364 normal SHIPPED_LIVE Important: nss security and bug fix update 2017-05-30 15:08:08 UTC
Red Hat Product Errata RHSA-2017:1365 normal SHIPPED_LIVE Important: nss security and bug fix update 2017-05-30 12:04:45 UTC
Red Hat Product Errata RHSA-2017:1567 normal SHIPPED_LIVE Important: Red Hat Container Development Kit 3.0.0 security update 2017-06-21 19:11:05 UTC

Description Adam Mariš 2017-04-28 13:10:54 UTC
Null pointer dereference vulnerability in NSS was found when server receives empty SSLv2 messages. This issue was introduced with the recent removal of SSLv2 protocol from upstream code in 3.24.0 and introduction of dedicated parser able to handle just sslv2-style hello messages.

Upstream patch:

https://hg.mozilla.org/projects/nss/rev/55ea60effd0d

Comment 3 Hubert Kario 2017-05-15 14:29:23 UTC
*** Bug 1450763 has been marked as a duplicate of this bug. ***

Comment 4 Hubert Kario 2017-05-26 11:41:19 UTC
*** Bug 1449161 has been marked as a duplicate of this bug. ***

Comment 5 errata-xmlrpc 2017-05-30 08:05:03 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2017:1365 https://access.redhat.com/errata/RHSA-2017:1365

Comment 6 errata-xmlrpc 2017-05-30 11:08:27 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2017:1364 https://access.redhat.com/errata/RHSA-2017:1364

Comment 8 errata-xmlrpc 2017-06-21 15:11:41 UTC
This issue has been addressed in the following products:

  CDK 3.0

Via RHSA-2017:1567 https://access.redhat.com/errata/RHSA-2017:1567


Note You need to log in before you can comment on or make changes to this bug.