Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 510
Alerts This Week
Warning Icon 1 510

Ubuntu 20.04 & 18.04 LTS USN-5410-1: Critical NSS DoS Issue

ubuntu
Calendar Grey May 11, 2022
Dist Ubuntu Esm H88
The Ubuntu Security Alert USN-5410-1 pertains to a security vulnerability within NSS that may result in a denial of service situation.
NSS could be made to stop responding if it received a specially crafted message.

Summary

NSS could be made to stop responding if it received a specially crafted

message.

Software Description:

- nss: Network Security Service library

Details:

Lenny Wang discovered that NSS incorrectly handled certain

messages. A remote attacker could possibly use this issue to cause

servers compiled with NSS to stop responding, resulting in a denial of

service.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
   libnss3                         2:3.49.1-1ubuntu1.7

Ubuntu 18.04 LTS:
   libnss3                         2:3.35-2ubuntu2.14

After a standard system update you need to restart any applications that
use NSS to make all the necessary changes.

References

  https://ubuntu.com/security/notices/USN-5410-1

  CVE-2020-25648

Severity
critical
Lowest
Low
Medium
High
Critical

May 11, 2022

Package Information

  https://launchpad.net/ubuntu/+source/nss/2:3.49.1-1ubuntu1.7
  https://launchpad.net/ubuntu/+source/nss/2:3.35-2ubuntu2.14

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.