system/nss: multiple vulnerabilities
Bugzilla ID | 310 |
Alias(es) | CVE-2020-12399, CVE-2020-12402 |
Reporter | Max Rees (sroracle) |
Assignee | A. Wilcox (awilfox) |
Reported | 2020-06-19 02:57:04 -0500 |
Modified | 2020-09-16 22:29:42 -0500 |
Status | RESOLVED FIXED |
Version | 1.0-RC1 |
Hardware | Adélie Linux / All |
Importance | --- / normal |
Package(s) | system/nss |
URL | https://code.foxkit.us/adelie/packages/commit/f5d4de7809 |
Description
CVE-2020-12399: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-12399
During DSA signature generation in the function dsa_SignDigest, the
nonce value k is not padded, exposing the bit length of k, i.e.
the most significant bits (MSBs) of the nonce. Combined with other
techniques this can result in DSA private keys recovery.
Fixed in >= 3.52.1 https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.52.1_release_notes
CVE-2020-12402: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-12402
It was found that NSS is vulnerable to RSA key generation cache timing
side channel attacks. An attacker with sufficient access to mount
cache timing attacks during the RSA key generation process could
recover the private key.
Fixed in >= 3.53.1 https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.53.1_release_notes
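
For CVE-2020-12399, the sketch below is an added example (not code from NSS or from this report) showing why an unpadded nonce leaks its bit length and how a fixed-length exponent removes that signal. The toy group parameters and the names pad_nonce, r_value and exponent_lengths are constructed for illustration, and adding q once or twice is a common fixed-length mitigation assumed here, not taken from the NSS patch.

```python
# Added example: toy DSA group, constructed for illustration only
# (far too small for real use; real DSA uses 2048/3072-bit p and 224/256-bit q).
P = 607                       # prime modulus
Q = 101                       # prime subgroup order, Q divides P - 1
G = pow(2, (P - 1) // Q, P)   # generator of the order-Q subgroup


def pad_nonce(k, q=Q):
    """Return k' with k' == k (mod q) and exactly q.bit_length() + 1 bits.

    Since g has order q, g^k' == g^k (mod p), so the signature is unchanged,
    but the exponent handed to the modular exponentiation always has the
    same length regardless of how many leading zero bits k has.
    """
    if not 0 < k < q:
        raise ValueError("nonce must satisfy 0 < k < q")
    target_bits = q.bit_length() + 1
    k_padded = k + q
    if k_padded.bit_length() != target_bits:
        k_padded += q         # k + 2q always lands in [2^N, 2^(N+1))
    return k_padded


def r_value(k, p=P, q=Q, g=G):
    """First half of a DSA signature: r = (g^k mod p) mod q."""
    return pow(g, k, p) % q


def exponent_lengths(padded):
    """Set of exponent bit lengths seen across every valid nonce."""
    return {(pad_nonce(k) if padded else k).bit_length() for k in range(1, Q)}


if __name__ == "__main__":
    print("unpadded exponent bit lengths:", sorted(exponent_lengths(False)))
    print("padded exponent bit lengths:  ", sorted(exponent_lengths(True)))
    same = all(r_value(k) == r_value(pad_nonce(k)) for k in range(1, Q))
    print("r unchanged by padding:", same)
```

A variable exponent length is what a timing observer can measure; with padding, every signing operation processes an exponent of the same length while producing the same r.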