Mozilla has addressed a heap-based buffer overflow vulnerability (CVE-2021-43527) in its cross-platform Network Security Services (NSS) set of cryptography libraries.
Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications using NSS can support SSL v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards.
The flaw ties the way the libraries handle DER-encoded DSA or RSA-PSS signatures in email clients and PDF viewers using vulnerable NSS versions. The vulnerability was discovered by Project Zero researchers Tavis Ormandy.
“The maximum size signature that this structure can handle is whatever the largest union member is, in this case that’s RSA at 2048 bytes. That’s 16384 bits, large enough to accommodate signatures from even the most ridiculously oversized keys. The question is, what happens if you just…. make a signature that’s bigger than that? Well, it turns out the answer is memory corruption.” wrote Ormandy.
“The untrusted signature is simply copied into this fixed-sized buffer, overwriting adjacent members with arbitrary attacker-controlled data. The bug is simple to reproduce and affects multiple algorithms.”
“We believe all versions of NSS since 3.14 (released October 2012) are vulnerable” Ormandy added.
The vulnerability affects NSS versions 3.68.1 and NSS 3.73 and doesn’t impact Mozilla Firefox. The flaw was addressed with the release of NSS 3.73.0. Ormandy recommends vendors of products using the NSS to update their library.
“Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL functionality may be impacted, depending on how they configure NSS.” reads the security advisory published by Mozilla.
NSS is used by many companies, including AOL, Red Hat, and Google. The list of products using the library:
(SecurityAffairs – hacking, CVE-2021-43527)