ALAS-2021-1522

Affecting nss-softokn-freebl package, versions <3.53.1-6.46.amzn1

medium severity

NVD Description

Note: Versions mentioned in the description apply to the upstream nss-softokn-freebl package. See Remediation section below for Amazon-Linux:2018.03 relevant versions.

Package updates are available for Amazon Linux AMI that fix the following vulnerabilities:

CVE-2020-6829: A flaw was found in nss. Using the EM side-channel, it is possible to extract the position of zero and non-zero wNAF digits while the nss-certutil tool performs scalar multiplication during ECDSA signature generation, leaking partial information about the ECDSA nonce. Given a small number of ECDSA signatures, this information can be used to steal the private key. The highest threat from this vulnerability is to data confidentiality.
1826187: CVE-2020-6829 nss: Side channel attack on ECDSA signature generation

CVE-2020-12403: A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly enforcing tag length. The highest threat from this vulnerability is to confidentiality and system availability.
1868931: CVE-2020-12403 nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read

CVE-2020-12402: A flaw was found in NSS, where it is vulnerable to RSA key generation cache timing side-channel attacks. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. The highest threat from this flaw is to confidentiality.
1826231: CVE-2020-12402 nss: Side channel vulnerabilities during RSA key generation

CVE-2020-12401: A flaw was found in nss. Using the EM side-channel, it is possible to extract the position of zero and non-zero wNAF digits while the nss-certutil tool performs scalar multiplication during ECDSA signature generation, leaking partial information about the ECDSA nonce. Given a small number of ECDSA signatures, this information can be used to steal the private key. The highest threat from this vulnerability is to data confidentiality.
1851294: CVE-2020-12401 nss: ECDSA timing attack mitigation bypass

CVE-2020-12400: A side-channel flaw was found in NSS, in the way the P-384 and P-521 curves are used in the generation of ECDSA signatures, leaking partial information about the ECDSA nonce. Given a small number of ECDSA signatures, this information can be used to steal the private key. The highest threat from this vulnerability is to data confidentiality.
1853983: CVE-2020-12400 nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function

CVE-2019-17023: A protocol downgrade flaw was found in Network Security Services (NSS). After a HelloRetryRequest has been sent, the client may negotiate a lower protocol than TLS 1.3, resulting in an invalid state transition in the TLS state machine. If the client gets into this state, incoming Application Data records will be ignored.
1791225: CVE-2019-17023 nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state

CVE-2019-17006: A vulnerability was discovered in nss where input text length was not checked when using certain cryptographic primitives. This could lead to a heap-buffer overflow resulting in a crash and data leak. The highest threat is to confidentiality and integrity of data as well as system availability.
1775916: CVE-2019-17006 nss: Check length of inputs for cryptographic primitives

CVE-2019-11756: A use-after-free flaw was found in Mozilla Network Security Services (NSS) related to PK11 session handling. An attacker could use this flaw to execute arbitrary code with the permissions of the user running the application compiled with NSS.
1774835: CVE-2019-11756 nss: Use-after-free in sftk_FreeSession due to improper refcounting

CVE-2019-11727: A vulnerability exists where it is possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by the server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages. This vulnerability affects Firefox < 68.
1730988: CVE-2019-11727 nss: PKCS#1 v1.5 signatures can be used for TLS 1.3

CVE-2019-11719: When importing a curve25519 private key in PKCS#8 format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services (NSS) library. This could lead to information disclosure. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
1728436: CVE-2019-11719 nss: Out-of-bounds read when importing curve25519 private key

Remediation

Upgrade Amazon-Linux:2018.03 nss-softokn-freebl to version 3.53.1-6.46.amzn1 or higher.
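Deciding whether an installed build is "lower than" the fixed build is not a plain string comparison: RPM compares epoch, version and release as alternating numeric and alphabetic segments, and a tilde sorts before everything. The following is an added example, not code from the advisory, Snyk or Amazon Linux, that implements those comparison rules in Python and applies them to constructed `rpm -q` output for nss-softokn-freebl. The fixed EVR 3.53.1-6.46.amzn1 is taken from the advisory; the installed versions in the sample output are constructed for illustration, and the rpm query-format string is an assumption about how the input was produced (caret ordering is not implemented).

```python
import re

# Fixed build from the advisory (Amazon Linux 2018.03 nss-softokn-freebl).
FIXED_EVR = "3.53.1-6.46.amzn1"


def rpmvercmp(a: str, b: str) -> int:
    """Compare two version (or release) strings using RPM segment rules.

    Returns -1, 0 or 1. Separators are anything that is not alphanumeric
    or '~'; numeric segments beat alphabetic ones; '~' sorts before
    everything, including end of string. '^' is treated as a separator
    here (an assumption; real rpmvercmp gives it special meaning).
    """
    if a == b:
        return 0
    i = j = 0
    while i < len(a) or j < len(b):
        while i < len(a) and not (a[i].isalnum() or a[i] == "~"):
            i += 1
        while j < len(b) and not (b[j].isalnum() or b[j] == "~"):
            j += 1
        a_tilde = i < len(a) and a[i] == "~"
        b_tilde = j < len(b) and b[j] == "~"
        if a_tilde or b_tilde:
            if not a_tilde:
                return 1          # b has '~', so b is older
            if not b_tilde:
                return -1         # a has '~', so a is older
            i, j = i + 1, j + 1   # both have '~': skip and continue
            continue
        if i >= len(a) or j >= len(b):
            break
        # Take one run of the same class (digits or letters) from each side.
        numeric = a[i].isdigit()
        pattern = r"\d+" if numeric else r"[A-Za-z]+"
        m_a = re.match(pattern, a[i:])
        m_b = re.match(pattern, b[j:])
        seg_a = m_a.group(0)
        if m_b is None:
            return 1 if numeric else -1   # numeric segment is newer than alpha
        seg_b = m_b.group(0)
        i, j = i + len(seg_a), j + len(seg_b)
        if numeric:
            seg_a, seg_b = seg_a.lstrip("0"), seg_b.lstrip("0")
            if len(seg_a) != len(seg_b):   # longer digit run is the larger number
                return 1 if len(seg_a) > len(seg_b) else -1
        if seg_a != seg_b:
            return 1 if seg_a > seg_b else -1
    if i >= len(a) and j >= len(b):
        return 0
    return -1 if i >= len(a) else 1   # whoever has characters left is newer


def parse_evr(evr: str):
    """Split '[epoch:]version-release' into (epoch, version, release)."""
    epoch = 0
    if ":" in evr:
        e, evr = evr.split(":", 1)
        epoch = int(e)
    if "-" in evr:
        version, release = evr.rsplit("-", 1)
    else:
        version, release = evr, ""
    return epoch, version, release


def compare_evr(a: str, b: str) -> int:
    """Full RPM EVR ordering: epoch first, then version, then release."""
    ea, va, ra = parse_evr(a)
    eb, vb, rb = parse_evr(b)
    if ea != eb:
        return 1 if ea > eb else -1
    c = rpmvercmp(va, vb)
    return c if c else rpmvercmp(ra, rb)


def is_vulnerable(installed_evr: str, fixed_evr: str = FIXED_EVR) -> bool:
    """True when the installed build sorts below the fixed build."""
    return compare_evr(installed_evr, fixed_evr) < 0


# Constructed sample of what the assumed query would print:
#   rpm -q --qf '%{NAME} %{VERSION}-%{RELEASE} %{ARCH}\n' nss-softokn-freebl
SAMPLE_RPM_OUTPUT = """\
nss-softokn-freebl 3.53.1-6.45.amzn1 x86_64
nss-softokn-freebl 3.53.1-6.46.amzn1 i686
nss-softokn-freebl 3.53.1-6.46.amzn1~rc1 x86_64
"""


def check_rpm_output(text: str, fixed_evr: str = FIXED_EVR):
    """Return (evr, arch, vulnerable) for each 'name evr arch' line."""
    results = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue   # ignore blank or malformed lines
        _name, evr, arch = parts
        results.append((evr, arch, is_vulnerable(evr, fixed_evr)))
    return results


if __name__ == "__main__":
    for evr, arch, vuln in check_rpm_output(SAMPLE_RPM_OUTPUT):
        print(f"{evr:24} {arch:7} {'VULNERABLE' if vuln else 'fixed'}")
```

The third sample line shows why the tilde rule matters: 3.53.1-6.46.amzn1~rc1 looks newer than the fixed build to a naive string comparison but is ordered below it by RPM, so it is still reported as vulnerable.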

References

CVE
ALAS-2021-1522
Snyk ID
SNYK-AMZN201803-NSSSOFTOKNFREEBL-1316549
Published
13 Jul, 2021