ArchLinux: 201704-4: nss: arbitrary code execution
Summary
An out-of-bounds write during Base64 decoding operation has been found in the Network Security Services (NSS) library due to insufficient memory being allocated to the buffer. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash or execute arbitrary code, using the permissions of the user running an application compiled against the NSS library. The issue has been fixed in releases 3.29.5 and 3.30.1.
Resolution
Upgrade to 3.30.1-1.
# pacman -Syu "nss>=3.30.1-1"
The problem has been fixed upstream in version 3.30.1.
References
https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/#CVE-2017-5461 https://bugzilla.mozilla.org/show_bug.cgi?id=1344380 https://hg.mozilla.org/projects/nss/rev/ac34db053672 https://security.archlinux.org/CVE-2017-5461
Workaround
None.