[USN-5506-1] NSS vulnerabilities
Severity
Medium
Affected Packages
12
CVEs
2
Several security issues were fixed in NSS.
Tavis Ormandy discovered that NSS incorrectly handled an empty pkcs7
sequence. A remote attacker could possibly use this issue to cause NSS to
crash, resulting in a denial of service. This issue only affected Ubuntu
18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.10. (CVE-2022-22747)
Ronald Crane discovered that NSS incorrectly handled certain memory
operations. A remote attacker could use this issue to cause NSS to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2022-34480)
Package | Affected Version |
---|---|
pkg:deb/ubuntu/libnss3?distro=jammy | < 3.68.2-0ubuntu1.1 |
pkg:deb/ubuntu/libnss3?distro=impish | < 3.68-1ubuntu1.2 |
pkg:deb/ubuntu/libnss3?distro=focal | < 3.49.1-1ubuntu1.8 |
pkg:deb/ubuntu/libnss3?distro=bionic | < 3.35-2ubuntu2.15 |
pkg:deb/ubuntu/libnss3-tools?distro=jammy | < 3.68.2-0ubuntu1.1 |
pkg:deb/ubuntu/libnss3-tools?distro=impish | < 3.68-1ubuntu1.2 |
pkg:deb/ubuntu/libnss3-tools?distro=focal | < 3.49.1-1ubuntu1.8 |
pkg:deb/ubuntu/libnss3-tools?distro=bionic | < 3.35-2ubuntu2.15 |
pkg:deb/ubuntu/libnss3-dev?distro=jammy | < 3.68.2-0ubuntu1.1 |
pkg:deb/ubuntu/libnss3-dev?distro=impish | < 3.68-1ubuntu1.2 |
pkg:deb/ubuntu/libnss3-dev?distro=focal | < 3.49.1-1ubuntu1.8 |
pkg:deb/ubuntu/libnss3-dev?distro=bionic | < 3.35-2ubuntu2.15 |
- ID
- USN-5506-1
- Severity
- medium
- URL
- https://ubuntu.com/security/notices/USN-5506-1
- Published
-
2022-07-07T12:09:58
(2 years ago) - Modified
-
2022-07-07T12:09:58
(2 years ago) - Other Advisories
-
- ALAS2-2022-1818
- ALPINE:CVE-2022-22747
- ALPINE:CVE-2022-34480
- ALSA-2022:0129
- ALSA-2022:0130
- DSA-5044-1
- DSA-5045-1
- DSA-5062-1
- ELSA-2022-0124
- ELSA-2022-0127
- ELSA-2022-0129
- ELSA-2022-0130
- GLSA-202202-03
- GLSA-202208-08
- GLSA-202208-14
- MFSA-2022-01
- MFSA-2022-02
- MFSA-2022-03
- MFSA-2022-24
- openSUSE-SU-2022:0136-1
- openSUSE-SU-2022:0199-1
- RHSA-2022:0124
- RHSA-2022:0127
- RHSA-2022:0129
- RHSA-2022:0130
- SUSE-SU-2022:0115-1
- SUSE-SU-2022:0136-1
- SUSE-SU-2022:0137-1
- SUSE-SU-2022:0199-1
- SUSE-SU-2022:3272-1
- SUSE-SU-2022:3273-1
- SUSE-SU-2022:3396-1
- USN-5229-1
- USN-5246-1
- USN-5248-1
- USN-5504-1
- USN-5872-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/libnss3?distro=jammy | ubuntu | libnss3 | < 3.68.2-0ubuntu1.1 | jammy | ||
Affected | pkg:deb/ubuntu/libnss3?distro=impish | ubuntu | libnss3 | < 3.68-1ubuntu1.2 | impish | ||
Affected | pkg:deb/ubuntu/libnss3?distro=focal | ubuntu | libnss3 | < 3.49.1-1ubuntu1.8 | focal | ||
Affected | pkg:deb/ubuntu/libnss3?distro=bionic | ubuntu | libnss3 | < 3.35-2ubuntu2.15 | bionic | ||
Affected | pkg:deb/ubuntu/libnss3-tools?distro=jammy | ubuntu | libnss3-tools | < 3.68.2-0ubuntu1.1 | jammy | ||
Affected | pkg:deb/ubuntu/libnss3-tools?distro=impish | ubuntu | libnss3-tools | < 3.68-1ubuntu1.2 | impish | ||
Affected | pkg:deb/ubuntu/libnss3-tools?distro=focal | ubuntu | libnss3-tools | < 3.49.1-1ubuntu1.8 | focal | ||
Affected | pkg:deb/ubuntu/libnss3-tools?distro=bionic | ubuntu | libnss3-tools | < 3.35-2ubuntu2.15 | bionic | ||
Affected | pkg:deb/ubuntu/libnss3-dev?distro=jammy | ubuntu | libnss3-dev | < 3.68.2-0ubuntu1.1 | jammy | ||
Affected | pkg:deb/ubuntu/libnss3-dev?distro=impish | ubuntu | libnss3-dev | < 3.68-1ubuntu1.2 | impish | ||
Affected | pkg:deb/ubuntu/libnss3-dev?distro=focal | ubuntu | libnss3-dev | < 3.49.1-1ubuntu1.8 | focal | ||
Affected | pkg:deb/ubuntu/libnss3-dev?distro=bionic | ubuntu | libnss3-dev | < 3.35-2ubuntu2.15 | bionic |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |