1446631 – (CVE-2017-7502) CVE-2017-7502 nss: Null pointer dereference when handling empty SSLv2 messages

Bug 1446631 (CVE-2017-7502) - CVE-2017-7502 nss: Null pointer dereference when handling empty SSLv2 messages

Summary: CVE-2017-7502 nss: Null pointer dereference when handling empty SSLv2 messages

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2017-7502
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Duplicates (2):	1449161 1450763 (view as bug list)
Depends On:	1435017 1450750 1450751 1450752 1450753
Blocks:	1446634
TreeView+	depends on / blocked

Reported:	2017-04-28 13:10 UTC by Adam Mariš
Modified:	2022-03-13 14:16 UTC (History)
CC List:	10 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:	A null pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library.
Clone Of:
Environment:
Last Closed:	2017-05-31 12:46:43 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2017:1364	normal	SHIPPED_LIVE	Important: nss security and bug fix update	2017-05-30 15:08:08 UTC
Red Hat Product Errata	RHSA-2017:1365	normal	SHIPPED_LIVE	Important: nss security and bug fix update	2017-05-30 12:04:45 UTC
Red Hat Product Errata	RHSA-2017:1567	normal	SHIPPED_LIVE	Important: Red Hat Container Development Kit 3.0.0 security update	2017-06-21 19:11:05 UTC

Description Adam Mariš 2017-04-28 13:10:54 UTC

Null pointer dereference vulnerability in NSS was found when server receives empty SSLv2 messages. This issue was introduced with the recent removal of SSLv2 protocol from upstream code in 3.24.0 and introduction of dedicated parser able to handle just sslv2-style hello messages.

Upstream patch:

https://hg.mozilla.org/projects/nss/rev/55ea60effd0d

Comment 3 Hubert Kario 2017-05-15 14:29:23 UTC

*** Bug 1450763 has been marked as a duplicate of this bug. ***

Comment 4 Hubert Kario 2017-05-26 11:41:19 UTC

*** Bug 1449161 has been marked as a duplicate of this bug. ***

Comment 5 errata-xmlrpc 2017-05-30 08:05:03 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2017:1365 https://access.redhat.com/errata/RHSA-2017:1365

Comment 6 errata-xmlrpc 2017-05-30 11:08:27 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2017:1364 https://access.redhat.com/errata/RHSA-2017:1364

Comment 8 errata-xmlrpc 2017-06-21 15:11:41 UTC

This issue has been addressed in the following products:

  CDK 3.0

Via RHSA-2017:1567 https://access.redhat.com/errata/RHSA-2017:1567

Note You need to log in before you can comment on or make changes to this bug.