1. Home
  2. Security Advisories
  3. Ubuntu
  4. USN-4203-2

[USN-4203-2] NSS vulnerability

Severity Medium
Affected Packages 9
CVEs 1
Info Packages Vulnerabilities

NSS could be made to crash or run programs if it received specially crafted input.

USN-4203-1 fixed a vulnerability in NSS. This update provides
the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

Original advisory details:

It was discovered that NSS incorrectly handled certain memory operations. A
remote attacker could use this issue to cause NSS to crash, resulting in a
denial of service, or possibly execute arbitrary code.

Package Affected Version
pkg:deb/ubuntu/libnss3?distro=trusty < 3.28.4-0ubuntu0.14.04.5+esm2
pkg:deb/ubuntu/libnss3?distro=precise < 3.28.4-0ubuntu0.12.04.5
pkg:deb/ubuntu/libnss3-tools?distro=trusty < 3.28.4-0ubuntu0.14.04.5+esm2
pkg:deb/ubuntu/libnss3-tools?distro=precise < 3.28.4-0ubuntu0.12.04.5
pkg:deb/ubuntu/libnss3-nssdb?distro=trusty < 3.28.4-0ubuntu0.14.04.5+esm2
pkg:deb/ubuntu/libnss3-dev?distro=trusty < 3.28.4-0ubuntu0.14.04.5+esm2
pkg:deb/ubuntu/libnss3-dev?distro=precise < 3.28.4-0ubuntu0.12.04.5
pkg:deb/ubuntu/libnss3-1d?distro=trusty < 3.28.4-0ubuntu0.14.04.5+esm2
pkg:deb/ubuntu/libnss3-1d?distro=precise < 3.28.4-0ubuntu0.12.04.5
ID
USN-4203-2
Severity
medium
URL
https://ubuntu.com/security/notices/USN-4203-2
Published
2019-11-27T18:23:47
(4 years ago)
Modified
2019-11-27T18:23:47
(4 years ago)
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:deb/ubuntu/libnss3?distro=trusty ubuntu libnss3 < 3.28.4-0ubuntu0.14.04.5+esm2 trusty
Affected pkg:deb/ubuntu/libnss3?distro=precise ubuntu libnss3 < 3.28.4-0ubuntu0.12.04.5 precise
Affected pkg:deb/ubuntu/libnss3-tools?distro=trusty ubuntu libnss3-tools < 3.28.4-0ubuntu0.14.04.5+esm2 trusty
Affected pkg:deb/ubuntu/libnss3-tools?distro=precise ubuntu libnss3-tools < 3.28.4-0ubuntu0.12.04.5 precise
Affected pkg:deb/ubuntu/libnss3-nssdb?distro=trusty ubuntu libnss3-nssdb < 3.28.4-0ubuntu0.14.04.5+esm2 trusty
Affected pkg:deb/ubuntu/libnss3-dev?distro=trusty ubuntu libnss3-dev < 3.28.4-0ubuntu0.14.04.5+esm2 trusty
Affected pkg:deb/ubuntu/libnss3-dev?distro=precise ubuntu libnss3-dev < 3.28.4-0ubuntu0.12.04.5 precise
Affected pkg:deb/ubuntu/libnss3-1d?distro=trusty ubuntu libnss3-1d < 3.28.4-0ubuntu0.14.04.5+esm2 trusty
Affected pkg:deb/ubuntu/libnss3-1d?distro=precise ubuntu libnss3-1d < 3.28.4-0ubuntu0.12.04.5 precise
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date