Debian 11: DLA-3937-1 critical: nss memory issues and TLS handshake exploit

debian lts
October 28, 2024
Debian LTS has rolled out an update for nss libraries that fixes critical security vulnerabilities, including memory corruption and TLS issues, enhancing security and stability.
nss - Network Security Service libraries. This is a set of libraries designed to support cross-platform development of security-enabled client and server applications.

Summary

This is a set of libraries designed to support cross-platform development
of security-enabled client and server applications. It can support SSLv2
and v4, TLS, PKCS #5, #7, #11, #12, S/MIME, X.509 v3 certificates and
other security standards.

Among other utilities, this package includes:
* certutil: manages certificate and key databases (cert7.db and key3.db)
* modutil: manages the database of PKCS11 modules (secmod.db)
* pk12util: imports/exports keys and certificates between the cert/key
databases and files in PKCS12 format.
* shlibsign: creates .chk files for use in FIPS mode.
* signtool: creates digitally-signed jar archives containing files and/or
code.
* ssltap: proxy requests for an SSL server and display the contents of
the messages exchanged between the client and server.

CVE-2024-0743

An unchecked return value in TLS handshake code could have caused
a potentially exploitable crash.

CVE-2024-6602



Severity: critical

Package: nss
Version: 2:3.61-1+deb11u4
CVE ID: CVE-2024-0743 CVE-2024-6602 CVE-2024-6609
