Bug 1404568 (CVE-2016-9574) - CVE-2016-9574 nss: Remote DoS during session handshake when using SessionTicket extention and ECDHE-ECDSA
Summary: CVE-2016-9574 nss: Remote DoS during session handshake when using SessionTick...
Alias: CVE-2016-9574
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
Whiteboard: impact=moderate,public=20161128,repor...
Keywords: Security
Depends On:
Blocks: 1404570
TreeView+ depends on / blocked
Reported: 2016-12-14 06:52 UTC by Huzaifa S. Sidhpurwala
Modified: 2019-06-08 21:39 UTC (History)
8 users (show)

Clone Of:
Last Closed: 2017-01-06 08:41:33 UTC

Attachments (Terms of Use)

Description Huzaifa S. Sidhpurwala 2016-12-14 06:52:07 UTC
A denial of service flaw was found in the way NSS handled handshake packets when SessionTicket extension was enabled on the TLS server side and ECDSA certificates were used. A remote attacker could use this flaw to crash TLS servers compiled against NSS.

More details and reproducer available at:


Note You need to log in before you can comment on or make changes to this bug.