Mozilla fixes critical flaw in Network Security Services (NSS) cryptography library

Mozilla fixed a critical memory corruption issue affecting its cross-platform Network Security Services (NSS) set of cryptography libraries.

Mozilla has addressed a heap-based buffer overflow vulnerability (CVE-2021-43527) in its cross-platform Network Security Services (NSS) set of cryptography libraries.

Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications using NSS can support SSL v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards.

The flaw ties the way the libraries handle DER-encoded DSA or RSA-PSS signatures in email clients and PDF viewers using vulnerable NSS versions. The vulnerability was discovered by Project Zero researchers Tavis Ormandy.

“The maximum size signature that this structure can handle is whatever the largest union member is, in this case that’s RSA at 2048 bytes. That’s 16384 bits, large enough to accommodate signatures from even the most ridiculously oversized keys. The question is, what happens if you just…. make a signature that’s bigger than that? Well, it turns out the answer is memory corruption.” wrote Ormandy.

“The untrusted signature is simply copied into this fixed-sized buffer, overwriting adjacent members with arbitrary attacker-controlled data. The bug is simple to reproduce and affects multiple algorithms.”

“We believe all versions of NSS since 3.14 (released October 2012) are vulnerable” Ormandy added.

The vulnerability affects NSS versions 3.68.1 and NSS 3.73 and doesn’t impact Mozilla Firefox. The flaw was addressed with the release of NSS 3.73.0. Ormandy recommends vendors of products using the NSS to update their library.

“Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL functionality may be impacted, depending on how they configure NSS.” reads the security advisory published by Mozilla.

NSS is used by many companies, including AOL, Red Hat, and Google. The list of products using the library:

• Mozilla products, including Firefox, Thunderbird, SeaMonkey, and Firefox OS.
• AOL Instant Messenger (AIM)
• Open source client applications such as Evolution, Pidgin, Apache OpenOffice, and LibreOffice.
• Server products from Red Hat: Red Hat Directory Server, Red Hat Certificate System, and the mod_nss SSL module for the Apache web server.
• Server products from Oracle (formerly Sun Java Enterprise System), including Oracle Communications Messaging Server and Oracle Directory Server Enterprise Edition.
• SUSE Linux Enterprise Server supports NSS and the mod_nss SSL module for the Apache web server.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, CVE-2021-43527)

[adrotate banner=”5″]

[adrotate banner=”13″]