CVE-2014-1569

The definite_length_decoder function in lib/util/quickder.c in Mozilla Network Security Services (NSS) before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers to conduct data-smuggling attacks by using a long byte sequence for an encoding, as demonstrated by the SEC_QuickDERDecodeItem function's improper handling of an arbitrary-length encoding of 0x00.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 88%
Affected Products (NVD)
VendorProductVersion
mozillanetwork_security_services
𝑥
≤ 3.16.2.3
mozillanetwork_security_services
3.16.2.0
mozillanetwork_security_services
3.16.2.1
mozillanetwork_security_services
3.16.2.2
mozillanetwork_security_services
3.17.0
mozillanetwork_security_services
3.17.1
mozillanetwork_security_services
3.17.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
nss
bookworm
2:3.87.1-1
fixed
bullseye
2:3.61-1+deb11u3
fixed
bullseye (security)
2:3.61-1+deb11u4
fixed
sid
2:3.105-2
fixed
trixie
2:3.105-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
nss
lucid
Fixed 3.17.1-0ubuntu0.10.04.2
released
precise
Fixed 3.17.1-0ubuntu0.12.04.2
released
trusty
Fixed 2:3.17.1-0ubuntu0.14.04.2
released
utopic
Fixed 2:3.17.1-0ubuntu1.1
released
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
libfreebl3
suse enterprise desktop 15
3.36.1-1.7
fixed
suse enterprise desktop 15 SP1
3.41.1-3.13.1
fixed
suse enterprise desktop 15 SP2
3.47.1-3.37.1
fixed
suse enterprise desktop 15 SP3
3.53.1-3.51.1
fixed
suse enterprise desktop 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise desktop 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise desktop 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise desktop 15 SP7
3.101.2-150400.3.54.1
fixed
suse enterprise sap 12
3.17.3-16.1
fixed
suse enterprise sap 12 SP5
3.45-58.31.1
fixed
suse enterprise sap 15
3.36.1-1.7
fixed
suse enterprise sap 15 SP1
3.41.1-3.13.1
fixed
suse enterprise sap 15 SP2
3.47.1-3.37.1
fixed
suse enterprise sap 15 SP3
3.53.1-3.51.1
fixed
suse enterprise sap 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise sap 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise sap 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise sap 15 SP7
3.101.2-150400.3.54.1
fixed
suse enterprise server 12
3.17.3-16.1
fixed
suse enterprise server 12 SP5
3.45-58.31.1
fixed
suse enterprise server 15
3.36.1-1.7
fixed
suse enterprise server 15 SP1
3.41.1-3.13.1
fixed
suse enterprise server 15 SP2
3.47.1-3.37.1
fixed
suse enterprise server 15 SP3
3.53.1-3.51.1
fixed
suse enterprise server 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise server 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise server 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise server 15 SP7
3.101.2-150400.3.54.1
fixed
libfreebl3-32bit
suse enterprise desktop 15
3.36.1-1.7
fixed
suse enterprise desktop 15 SP1
3.41.1-3.13.1
fixed
suse enterprise desktop 15 SP2
3.47.1-3.37.1
fixed
suse enterprise desktop 15 SP3
3.53.1-3.51.1
fixed
suse enterprise desktop 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise desktop 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise desktop 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise desktop 15 SP7
3.101.2-150400.3.54.1
fixed
suse enterprise sap 12
3.17.3-16.1
fixed
suse enterprise sap 12 SP5
3.45-58.31.1
fixed
suse enterprise sap 15
3.36.1-1.7
fixed
suse enterprise sap 15 SP1
3.41.1-3.13.1
fixed
suse enterprise sap 15 SP2
3.47.1-3.37.1
fixed
suse enterprise sap 15 SP3
3.53.1-3.51.1
fixed
suse enterprise sap 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise sap 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise sap 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise sap 15 SP7
3.101.2-150400.3.54.1
fixed
suse enterprise server 12
3.17.3-16.1
fixed
suse enterprise server 12 SP5
3.45-58.31.1
fixed
suse enterprise server 15
3.36.1-1.7
fixed
suse enterprise server 15 SP1
3.41.1-3.13.1
fixed
suse enterprise server 15 SP2
3.47.1-3.37.1
fixed
suse enterprise server 15 SP3
3.53.1-3.51.1
fixed
suse enterprise server 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise server 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise server 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise server 15 SP7
3.101.2-150400.3.54.1
fixed
libfreebl3-hmac
suse enterprise desktop 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise desktop 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise sap 12
3.17.3-16.1
fixed
suse enterprise sap 12 SP5
3.45-58.31.1
fixed
suse enterprise sap 15 SP1
3.41.1-3.13.1
fixed
suse enterprise sap 15 SP2
3.47.1-3.37.1
fixed
suse enterprise sap 15 SP3
3.53.1-3.51.1
fixed
suse enterprise sap 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise sap 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise server 12
3.17.3-16.1
fixed
suse enterprise server 12 SP5
3.45-58.31.1
fixed
suse enterprise server 15 SP1
3.41.1-3.13.1
fixed
suse enterprise server 15 SP2
3.47.1-3.37.1
fixed
suse enterprise server 15 SP3
3.53.1-3.51.1
fixed
suse enterprise server 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise server 15 SP5
3.79.4-150400.3.29.1
fixed
libfreebl3-hmac-32bit
suse enterprise desktop 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise desktop 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise sap 12
3.17.3-16.1
fixed
suse enterprise sap 12 SP5
3.45-58.31.1
fixed
suse enterprise sap 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise sap 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise server 12
3.17.3-16.1
fixed
suse enterprise server 12 SP5
3.45-58.31.1
fixed
suse enterprise server 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise server 15 SP5
3.79.4-150400.3.29.1
fixed
libsoftokn3
suse enterprise desktop 15
3.36.1-1.7
fixed
suse enterprise desktop 15 SP1
3.41.1-3.13.1
fixed
suse enterprise desktop 15 SP2
3.47.1-3.37.1
fixed
suse enterprise desktop 15 SP3
3.53.1-3.51.1
fixed
suse enterprise desktop 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise desktop 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise desktop 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise desktop 15 SP7
3.101.2-150400.3.54.1
fixed
suse enterprise sap 12
3.17.3-16.1
fixed
suse enterprise sap 12 SP5
3.45-58.31.1
fixed
suse enterprise sap 15
3.36.1-1.7
fixed
suse enterprise sap 15 SP1
3.41.1-3.13.1
fixed
suse enterprise sap 15 SP2
3.47.1-3.37.1
fixed
suse enterprise sap 15 SP3
3.53.1-3.51.1
fixed
suse enterprise sap 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise sap 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise sap 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise sap 15 SP7
3.101.2-150400.3.54.1
fixed
suse enterprise server 12
3.17.3-16.1
fixed
suse enterprise server 12 SP5
3.45-58.31.1
fixed
suse enterprise server 15
3.36.1-1.7
fixed
suse enterprise server 15 SP1
3.41.1-3.13.1
fixed
suse enterprise server 15 SP2
3.47.1-3.37.1
fixed
suse enterprise server 15 SP3
3.53.1-3.51.1
fixed
suse enterprise server 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise server 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise server 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise server 15 SP7
3.101.2-150400.3.54.1
fixed
libsoftokn3-32bit
suse enterprise desktop 15
3.36.1-1.7
fixed
suse enterprise desktop 15 SP1
3.41.1-3.13.1
fixed
suse enterprise desktop 15 SP2
3.47.1-3.37.1
fixed
suse enterprise desktop 15 SP3
3.53.1-3.51.1
fixed
suse enterprise desktop 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise desktop 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise desktop 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise desktop 15 SP7
3.101.2-150400.3.54.1
fixed
suse enterprise sap 12
3.17.3-16.1
fixed
suse enterprise sap 12 SP5
3.45-58.31.1
fixed
suse enterprise sap 15
3.36.1-1.7
fixed
suse enterprise sap 15 SP1
3.41.1-3.13.1
fixed
suse enterprise sap 15 SP2
3.47.1-3.37.1
fixed
suse enterprise sap 15 SP3
3.53.1-3.51.1
fixed
suse enterprise sap 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise sap 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise sap 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise sap 15 SP7
3.101.2-150400.3.54.1
fixed
suse enterprise server 12
3.17.3-16.1
fixed
suse enterprise server 12 SP5
3.45-58.31.1
fixed
suse enterprise server 15
3.36.1-1.7
fixed
suse enterprise server 15 SP1
3.41.1-3.13.1
fixed
suse enterprise server 15 SP2
3.47.1-3.37.1
fixed
suse enterprise server 15 SP3
3.53.1-3.51.1
fixed
suse enterprise server 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise server 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise server 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise server 15 SP7
3.101.2-150400.3.54.1
fixed
libsoftokn3-hmac
suse enterprise desktop 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise desktop 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise sap 12
3.17.3-16.1
fixed
suse enterprise sap 12 SP5
3.45-58.31.1
fixed
suse enterprise sap 15 SP1
3.41.1-3.13.1
fixed
suse enterprise sap 15 SP2
3.47.1-3.37.1
fixed
suse enterprise sap 15 SP3
3.53.1-3.51.1
fixed
suse enterprise sap 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise sap 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise server 12
3.17.3-16.1
fixed
suse enterprise server 12 SP5
3.45-58.31.1
fixed
suse enterprise server 15 SP1
3.41.1-3.13.1
fixed
suse enterprise server 15 SP2
3.47.1-3.37.1
fixed
suse enterprise server 15 SP3
3.53.1-3.51.1
fixed
suse enterprise server 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise server 15 SP5
3.79.4-150400.3.29.1
fixed
libsoftokn3-hmac-32bit
suse enterprise desktop 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise desktop 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise sap 12
3.17.3-16.1
fixed
suse enterprise sap 12 SP5
3.45-58.31.1
fixed
suse enterprise sap 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise sap 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise server 12
3.17.3-16.1
fixed
suse enterprise server 12 SP5
3.45-58.31.1
fixed
suse enterprise server 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise server 15 SP5
3.79.4-150400.3.29.1
fixed
mozilla-nss
suse enterprise desktop 15
3.36.1-1.7
fixed
suse enterprise desktop 15 SP1
3.41.1-3.13.1
fixed
suse enterprise desktop 15 SP2
3.47.1-3.37.1
fixed
suse enterprise desktop 15 SP3
3.53.1-3.51.1
fixed
suse enterprise desktop 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise desktop 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise desktop 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise desktop 15 SP7
3.101.2-150400.3.54.1
fixed
suse enterprise sap 12
3.17.3-16.1
fixed
suse enterprise sap 12 SP5
3.45-58.31.1
fixed
suse enterprise sap 15
3.36.1-1.7
fixed
suse enterprise sap 15 SP1
3.41.1-3.13.1
fixed
suse enterprise sap 15 SP2
3.47.1-3.37.1
fixed
suse enterprise sap 15 SP3
3.53.1-3.51.1
fixed
suse enterprise sap 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise sap 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise sap 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise sap 15 SP7
3.101.2-150400.3.54.1
fixed
suse enterprise server 12
3.17.3-16.1
fixed
suse enterprise server 12 SP5
3.45-58.31.1
fixed
suse enterprise server 15
3.36.1-1.7
fixed
suse enterprise server 15 SP1
3.41.1-3.13.1
fixed
suse enterprise server 15 SP2
3.47.1-3.37.1
fixed
suse enterprise server 15 SP3
3.53.1-3.51.1
fixed
suse enterprise server 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise server 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise server 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise server 15 SP7
3.101.2-150400.3.54.1
fixed
mozilla-nss-32bit
suse enterprise desktop 15
3.36.1-1.7
fixed
suse enterprise desktop 15 SP1
3.41.1-3.13.1
fixed
suse enterprise desktop 15 SP2
3.47.1-3.37.1
fixed
suse enterprise desktop 15 SP3
3.53.1-3.51.1
fixed
suse enterprise desktop 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise desktop 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise desktop 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise desktop 15 SP7
3.101.2-150400.3.54.1
fixed
suse enterprise sap 12
3.17.3-16.1
fixed
suse enterprise sap 12 SP5
3.45-58.31.1
fixed
suse enterprise sap 15
3.36.1-1.7
fixed
suse enterprise sap 15 SP1
3.41.1-3.13.1
fixed
suse enterprise sap 15 SP2
3.47.1-3.37.1
fixed
suse enterprise sap 15 SP3
3.53.1-3.51.1
fixed
suse enterprise sap 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise sap 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise sap 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise sap 15 SP7
3.101.2-150400.3.54.1
fixed
suse enterprise server 12
3.17.3-16.1
fixed
suse enterprise server 12 SP5
3.45-58.31.1
fixed
suse enterprise server 15
3.36.1-1.7
fixed
suse enterprise server 15 SP1
3.41.1-3.13.1
fixed
suse enterprise server 15 SP2
3.47.1-3.37.1
fixed
suse enterprise server 15 SP3
3.53.1-3.51.1
fixed
suse enterprise server 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise server 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise server 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise server 15 SP7
3.101.2-150400.3.54.1
fixed
mozilla-nss-certs
suse enterprise desktop 15
3.36.1-1.7
fixed
suse enterprise desktop 15 SP1
3.41.1-3.13.1
fixed
suse enterprise desktop 15 SP2
3.47.1-3.37.1
fixed
suse enterprise desktop 15 SP3
3.53.1-3.51.1
fixed
suse enterprise desktop 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise desktop 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise desktop 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise desktop 15 SP7
3.101.2-150400.3.54.1
fixed
suse enterprise sap 12
3.17.3-16.1
fixed
suse enterprise sap 12 SP5
3.45-58.31.1
fixed
suse enterprise sap 15
3.36.1-1.7
fixed
suse enterprise sap 15 SP1
3.41.1-3.13.1
fixed
suse enterprise sap 15 SP2
3.47.1-3.37.1
fixed
suse enterprise sap 15 SP3
3.53.1-3.51.1
fixed
suse enterprise sap 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise sap 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise sap 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise sap 15 SP7
3.101.2-150400.3.54.1
fixed
suse enterprise server 12
3.17.3-16.1
fixed
suse enterprise server 12 SP5
3.45-58.31.1
fixed
suse enterprise server 15
3.36.1-1.7
fixed
suse enterprise server 15 SP1
3.41.1-3.13.1
fixed
suse enterprise server 15 SP2
3.47.1-3.37.1
fixed
suse enterprise server 15 SP3
3.53.1-3.51.1
fixed
suse enterprise server 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise server 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise server 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise server 15 SP7
3.101.2-150400.3.54.1
fixed
mozilla-nss-certs-32bit
suse enterprise desktop 15
3.36.1-1.7
fixed
suse enterprise desktop 15 SP1
3.41.1-3.13.1
fixed
suse enterprise desktop 15 SP2
3.47.1-3.37.1
fixed
suse enterprise desktop 15 SP3
3.53.1-3.51.1
fixed
suse enterprise desktop 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise desktop 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise desktop 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise desktop 15 SP7
3.101.2-150400.3.54.1
fixed
suse enterprise sap 12
3.17.3-16.1
fixed
suse enterprise sap 12 SP5
3.45-58.31.1
fixed
suse enterprise sap 15
3.36.1-1.7
fixed
suse enterprise sap 15 SP1
3.41.1-3.13.1
fixed
suse enterprise sap 15 SP2
3.47.1-3.37.1
fixed
suse enterprise sap 15 SP3
3.53.1-3.51.1
fixed
suse enterprise sap 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise sap 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise sap 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise sap 15 SP7
3.101.2-150400.3.54.1
fixed
suse enterprise server 12
3.17.3-16.1
fixed
suse enterprise server 12 SP5
3.45-58.31.1
fixed
suse enterprise server 15
3.36.1-1.7
fixed
suse enterprise server 15 SP1
3.41.1-3.13.1
fixed
suse enterprise server 15 SP2
3.47.1-3.37.1
fixed
suse enterprise server 15 SP3
3.53.1-3.51.1
fixed
suse enterprise server 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise server 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise server 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise server 15 SP7
3.101.2-150400.3.54.1
fixed
mozilla-nss-devel
suse enterprise desktop 15
3.36.1-1.7
fixed
suse enterprise desktop 15 SP1
3.41.1-3.13.1
fixed
suse enterprise desktop 15 SP2
3.47.1-3.37.1
fixed
suse enterprise desktop 15 SP3
3.53.1-3.51.1
fixed
suse enterprise desktop 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise desktop 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise desktop 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise desktop 15 SP7
3.101.2-150400.3.54.1
fixed
suse enterprise sap 15
3.36.1-1.7
fixed
suse enterprise sap 15 SP1
3.41.1-3.13.1
fixed
suse enterprise sap 15 SP2
3.47.1-3.37.1
fixed
suse enterprise sap 15 SP3
3.53.1-3.51.1
fixed
suse enterprise sap 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise sap 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise sap 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise sap 15 SP7
3.101.2-150400.3.54.1
fixed
suse enterprise server 15
3.36.1-1.7
fixed
suse enterprise server 15 SP1
3.41.1-3.13.1
fixed
suse enterprise server 15 SP2
3.47.1-3.37.1
fixed
suse enterprise server 15 SP3
3.53.1-3.51.1
fixed
suse enterprise server 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise server 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise server 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise server 15 SP7
3.101.2-150400.3.54.1
fixed
mozilla-nss-sysinit
suse enterprise desktop 15
3.36.1-1.7
fixed
suse enterprise desktop 15 SP1
3.41.1-3.13.1
fixed
suse enterprise desktop 15 SP2
3.47.1-3.37.1
fixed
suse enterprise desktop 15 SP3
3.53.1-3.51.1
fixed
suse enterprise desktop 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise desktop 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise desktop 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise desktop 15 SP7
3.101.2-150400.3.54.1
fixed
suse enterprise sap 12 SP5
3.45-58.31.1
fixed
suse enterprise sap 15
3.36.1-1.7
fixed
suse enterprise sap 15 SP1
3.41.1-3.13.1
fixed
suse enterprise sap 15 SP2
3.47.1-3.37.1
fixed
suse enterprise sap 15 SP3
3.53.1-3.51.1
fixed
suse enterprise sap 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise sap 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise sap 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise sap 15 SP7
3.101.2-150400.3.54.1
fixed
suse enterprise server 12 SP5
3.45-58.31.1
fixed
suse enterprise server 15
3.36.1-1.7
fixed
suse enterprise server 15 SP1
3.41.1-3.13.1
fixed
suse enterprise server 15 SP2
3.47.1-3.37.1
fixed
suse enterprise server 15 SP3
3.53.1-3.51.1
fixed
suse enterprise server 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise server 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise server 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise server 15 SP7
3.101.2-150400.3.54.1
fixed
mozilla-nss-sysinit-32bit
suse enterprise sap 12 SP5
3.45-58.31.1
fixed
suse enterprise server 12 SP5
3.45-58.31.1
fixed
mozilla-nss-tools
suse enterprise desktop 15
3.36.1-1.7
fixed
suse enterprise desktop 15 SP1
3.41.1-3.13.1
fixed
suse enterprise desktop 15 SP2
3.47.1-3.37.1
fixed
suse enterprise desktop 15 SP3
3.53.1-3.51.1
fixed
suse enterprise desktop 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise desktop 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise desktop 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise desktop 15 SP7
3.101.2-150400.3.54.1
fixed
suse enterprise sap 12
3.17.3-16.1
fixed
suse enterprise sap 12 SP5
3.45-58.31.1
fixed
suse enterprise sap 15
3.36.1-1.7
fixed
suse enterprise sap 15 SP1
3.41.1-3.13.1
fixed
suse enterprise sap 15 SP2
3.47.1-3.37.1
fixed
suse enterprise sap 15 SP3
3.53.1-3.51.1
fixed
suse enterprise sap 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise sap 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise sap 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise sap 15 SP7
3.101.2-150400.3.54.1
fixed
suse enterprise server 12
3.17.3-16.1
fixed
suse enterprise server 12 SP5
3.45-58.31.1
fixed
suse enterprise server 15
3.36.1-1.7
fixed
suse enterprise server 15 SP1
3.41.1-3.13.1
fixed
suse enterprise server 15 SP2
3.47.1-3.37.1
fixed
suse enterprise server 15 SP3
3.53.1-3.51.1
fixed
suse enterprise server 15 SP4
3.68.3-150400.1.7
fixed
suse enterprise server 15 SP5
3.79.4-150400.3.29.1
fixed
suse enterprise server 15 SP6
3.90.2-150400.3.39.1
fixed
suse enterprise server 15 SP7
3.101.2-150400.3.54.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
nspr
RHEL 6
0:4.10.8-1.el6_6
fixed
RHEL 7
0:4.10.8-1.el7_1
fixed
nspr-devel
RHEL 6
0:4.10.8-1.el6_6
fixed
RHEL 7
0:4.10.8-1.el7_1
fixed
nss
RHEL 6
0:3.18.0-5.3.el6_6
fixed
RHEL 7
0:3.18.0-2.2.el7_1
fixed
nss-devel
RHEL 6
0:3.18.0-5.3.el6_6
fixed
RHEL 7
0:3.18.0-2.2.el7_1
fixed
nss-pkcs11-devel
RHEL 6
0:3.18.0-5.3.el6_6
fixed
RHEL 7
0:3.18.0-2.2.el7_1
fixed
nss-sysinit
RHEL 6
0:3.18.0-5.3.el6_6
fixed
RHEL 7
0:3.18.0-2.2.el7_1
fixed
nss-tools
RHEL 6
0:3.18.0-5.3.el6_6
fixed
RHEL 7
0:3.18.0-2.2.el7_1
fixed
nss-util
RHEL 6
0:3.18.0-1.el6_6
fixed
RHEL 7
0:3.18.0-1.el7_1
fixed
nss-util-devel
RHEL 6
0:3.18.0-1.el6_6
fixed
RHEL 7
0:3.18.0-1.el7_1
fixed
References
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00032.html
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00033.html
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00036.html
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00000.html
http://www.debian.org/security/2015/dsa-3186
http://www.intelsecurity.com/resources/wp-berserk-analysis-part-1.pdf
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
http://www.securitytracker.com/id/1032909
https://bugzilla.mozilla.org/show_bug.cgi?id=1064670
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.3_release_notes
https://www.imperialviolet.org/2014/09/26/pkcs1.html
https://www.reddit.com/r/netsec/comments/2hd1m8/rsa_signature_forgery_in_nss/cksnr02
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00032.html
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00033.html
http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00036.html
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00000.html
http://www.debian.org/security/2015/dsa-3186
http://www.intelsecurity.com/resources/wp-berserk-analysis-part-1.pdf
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
http://www.securitytracker.com/id/1032909
https://bugzilla.mozilla.org/show_bug.cgi?id=1064670
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.3_release_notes
https://www.imperialviolet.org/2014/09/26/pkcs1.html
https://www.reddit.com/r/netsec/comments/2hd1m8/rsa_signature_forgery_in_nss/cksnr02