Bug 2088353 (CVE-2021-43529) - CVE-2021-43529 thunderbird: Memory corruption when processing S/MIME messages
Summary: CVE-2021-43529 thunderbird: Memory corruption when processing S/MIME messages
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2021-43529
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: urgent
Severity: urgent
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2019254 2019255 2019256 2019257
Blocks: 2078444
Reported: 2022-05-19 09:38 UTC by Mauro Matteo Cascella
Modified: 2022-05-23 13:22 UTC (History)

Fixed In Version: thunderbird 91.3.0
Doc Type: ---
Doc Text:
A flaw was found in Thunderbird, which is vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS signatures.
Clone Of:
Environment:
Last Closed: 2022-05-19 14:37:10 UTC
Embargoed:


Description Mauro Matteo Cascella 2022-05-19 09:38:15 UTC
Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS signatures. For more details about the original security issue, please refer to the Security Bulletin: https://access.redhat.com/security/vulnerabilities/RHSB-2021-008.

Upstream Thunderbird bug:
https://bugzilla.mozilla.org/show_bug.cgi?id=1738501

Comment 1 Product Security DevOps Team 2022-05-19 14:37:09 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2021-43529

Comment 2 Mauro Matteo Cascella 2022-05-23 13:22:25 UTC
Thunderbird upstream states that this issue was fixed in Thunderbird version 91.3.0. The thunderbird packages as shipped in Red Hat Enterprise Linux were previously updated to version 91.3.0 via the following errata:

thunderbird in Red Hat Enterprise Linux 7:
https://access.redhat.com/errata/RHSA-2021:4134

thunderbird in Red Hat Enterprise Linux 8.1 Extended Update Support:
https://access.redhat.com/errata/RHSA-2021:4133

thunderbird in Red Hat Enterprise Linux 8.2 Extended Update Support:
https://access.redhat.com/errata/RHSA-2021:4132

thunderbird in Red Hat Enterprise Linux 8:
https://access.redhat.com/errata/RHSA-2021:4130
