Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2023.1076
nss security update
21 February 2023
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: nss
Publisher: Debian
Operating System: Debian GNU/Linux
Resolution: Patch/Upgrade
CVE Names: CVE-2023-0767 CVE-2020-12403 CVE-2020-12401
CVE-2020-12400 CVE-2020-6829
Original Bulletin:
https://www.debian.org/lts/security/2023/dla-3327
Comment: CVSS (Max): 9.1 CVE-2020-12403 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H)
CVSS Source: [NVD], Red Hat
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3327-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Markus Koschany
February 20, 2023 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : nss
Version : 2:3.42.1-1+deb10u6
CVE ID : CVE-2020-6829 CVE-2020-12400 CVE-2020-12401 CVE-2020-12403
CVE-2023-0767
Multiple security vulnerabilities have been discovered in nss, the Network
Security Service libraries.
CVE-2020-6829
When performing EC scalar point multiplication, the wNAF point
multiplication algorithm was used; which leaked partial information about
the nonce used during signature generation. Given an electro-magnetic trace
of a few signature generations, the private key could have been computed.
CVE-2020-12400
When converting coordinates from projective to affine, the modular
inversion was not performed in constant time, resulting in a possible
timing-based side channel attack.
CVE-2020-12401
During ECDSA signature generation, padding applied in the nonce designed to
ensure constant-time scalar multiplication was removed, resulting in
variable-time execution dependent on secret data.
CVE-2020-12403
A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS.
When using multi-part Chacha20, it could cause out-of-bounds reads.
This issue was fixed by explicitly disabling multi-part ChaCha20
(which was not functioning correctly) and strictly enforcing tag length.
CVE-2023-0767
Christian Holler discovered that incorrect handling of PKCS 12 Safe Bag
attributes may result in execution of arbitrary code if a specially crafted
PKCS 12 certificate bundle is processed.
For Debian 10 buster, these problems have been fixed in version
2:3.42.1-1+deb10u6.
We recommend that you upgrade your nss packages.
For the detailed security status of nss please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/nss
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
iQIVAwUBY/Q0GckNZI30y1K9AQjdVg/+LDLGpEcosUQgV+BVrOBUZIH29q6k8Cbg
Cvyt+Sj4whJnyagGNpCazJr61sPluDW7mMtGAi71VqhqtFz3eTgy3mD19G2082HB
JfJX7urXNpONXPm9gOlQkrZV4tFOgDY6pyEjBumXCGjNSyeKJO1WJbH2kYCv48rR
Vmvjh2IE/g9NCW104FqOdr9cDgyQSTw7UtJbp0a5QZr4CaeW21xqfZ6P0C37jNNb
cfevcKaQfvvD1konb+m289RBgdvB9wlE5Hgvf+0kSY2MChZ8cIOtLPgHWTVgZzon
HQ2Kg43D730ZjruIRU03KoAh3I7WUHuXA6xGwS18Bxt6eE3eCsrgSHP9ie9jYJgL
gvXp/tksf3HFDbNrWt5Gks3GTO9ZvSXF0abYPX9VjWHPIHsj5zfxiNRAtcvdlYpt
YidaBgGdoBj77iITOYfoRMFzdQ+ksfBxBES46pPlBDINUw4cSYgGiei7nHNjKI6v
dHjRSyQmeczCtErhppahHUM1/hKPTf/dGjYqIX2/0gQRbWOGy4EgIa8l6znag5tr
jOc22i/XwAY1nR0iLIgOKyn2NNOsu26ZtS8XQRi4m4G+xhLI2hamdIhL29N79EOy
+fuzZV67V6qjI9GoDdaEVri+eLB6N0yFyC0SLhtV2ODybcvUozvpSiqcmazrloGw
UezRXYxgGRc=
=RBW9
-----END PGP SIGNATURE-----