CVE-2021-43527

Public on 2021-12-01
Modified on 2023-01-18
Description
NSS (Network Security Services) up to and including 3.73 is vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL functionality may be impacted, depending on how they configure NSS.
When verifying a DER-encoded signature, NSS decodes the signature into a fixed-size buffer and passes the buffer to the underlying PKCS #11 module. The length of the signature is not correctly checked when processing DSA and RSA-PSS signatures. DSA and RSA-PSS signatures larger than 16384 bits will overflow the buffer in VFYContextStr. The vulnerable code is located within secvfy.c:vfy_CreateContext. (CVE-2021-43527)
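The missing length check described above, modelled in C as an added example; this is not NSS code. The struct and function names, the status codes, and the caller-supplied `expected_len` are hypothetical. It goes slightly beyond the advisory text by also requiring that the signature length match the length implied by the key.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_SIG_BYTES (16384 / 8) /* the advisory's 16384-bit limit, in bytes */

/* Hypothetical stand-in for a verification context with a fixed-size
 * signature buffer; not the layout of NSS's VFYContextStr. */
typedef struct {
    uint8_t sig[MAX_SIG_BYTES];
    size_t sig_len;
} verify_ctx;

enum { SIG_OK = 0, SIG_BAD_ARG = -1, SIG_TOO_LONG = -2, SIG_LEN_MISMATCH = -3 };

/* Flawed pattern, for contrast only: the decoded length is trusted, so
 * memcpy writes past ctx->sig whenever len > MAX_SIG_BYTES. */
void store_signature_unchecked(verify_ctx *ctx, const uint8_t *sig, size_t len)
{
    memcpy(ctx->sig, sig, len);
    ctx->sig_len = len;
}

/* Hardened: bound len by the buffer, then require the key-implied expected_len. */
int store_signature_checked(verify_ctx *ctx, const uint8_t *sig, size_t len, size_t expected_len)
{
    if (ctx == NULL || sig == NULL || len == 0)
        return SIG_BAD_ARG;
    if (len > sizeof ctx->sig)
        return SIG_TOO_LONG;
    if (len != expected_len)
        return SIG_LEN_MISMATCH;
    memcpy(ctx->sig, sig, len);
    ctx->sig_len = len;
    return SIG_OK;
}

/* Runs the checked path on a constructed all-zero input. */
int try_store(size_t len, size_t expected_len)
{
    static uint8_t sample[MAX_SIG_BYTES]; /* constructed sample data */
    verify_ctx ctx;
    return store_signature_checked(&ctx, sample, len, expected_len);
}

int main(void)
{
    printf("%d %d\n", try_store(256, 256), try_store(2049, 2049));
    return 0;
}
```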
Severity
Critical
CVSS v3 Base Score
9.1

Affected Packages

| Platform | Package | Release Date | Advisory | Status |
|---|---|---|---|---|
| Amazon Linux 2 - Core | nspr | 2021-12-01 | ALAS2-2021-1722 | Fixed |
| Amazon Linux 1 | nss | 2021-12-01 | ALAS-2021-1552 | Fixed |
| Amazon Linux 2 - Core | nss | 2021-12-01 | ALAS2-2021-1722 | Fixed |
| Amazon Linux 2023 | nss | 2023-02-17 | ALAS2023-2023-031 | Fixed |
| Amazon Linux 2 - Core | nss-softokn | 2021-12-01 | ALAS2-2021-1722 | Fixed |
| Amazon Linux 2 - Core | nss-util | 2021-12-01 | ALAS2-2021-1722 | Fixed |

CVSS Scores

| Score Type | Score | Vector |
|---|---|---|
| Amazon Linux CVSSv3 | 9.1 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H |
| NVD CVSSv2 | 7.5 | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| NVD CVSSv3 | 9.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |