CVE-2020-12399
published 2020-07-09CVE-2020-12399: NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects…
PriorityP417medium4.4CVSS 3.1
AVLACHPRLUIRSUCHINAN
EPSS
0.65%
46.7th percentile
NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.
Affected
30 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | firefox | < firefox 77.0-1 (sid) | firefox 77.0-1 (sid) |
| debian | firefox-esr | < firefox 77.0-1 (sid) | firefox 77.0-1 (sid) |
| debian | nss | < firefox 77.0-1 (sid) | firefox 77.0-1 (sid) |
| debian | thunderbird | < firefox 77.0-1 (sid) | firefox 77.0-1 (sid) |
| mozilla | firefox | < 77.0 | 77.0 |
| mozilla | firefox | — | — |
| mozilla | firefox | >= 0 < 77.0.1+build1-0ubuntu0.16.04.1 | 77.0.1+build1-0ubuntu0.16.04.1 |
| mozilla | firefox | >= 0 < 77.0.1+build1-0ubuntu0.18.04.1 | 77.0.1+build1-0ubuntu0.18.04.1 |
| mozilla | firefox | >= 0 < 77.0.1+build1-0ubuntu0.20.04.1 | 77.0.1+build1-0ubuntu0.20.04.1 |
| mozilla | firefox | >= unspecified < 77 | 77 |
| mozilla | firefox_esr | < 68.9.0 | 68.9.0 |
| mozilla | firefox_esr | >= unspecified < 68.9 | 68.9 |
| mozilla | nss | >= 0 < 2:3.53-1 | 2:3.53-1 |
| mozilla | nss | >= 0 < 2:3.53-1 | 2:3.53-1 |
| mozilla | nss | >= 0 < 2:3.53-1 | 2:3.53-1 |
| mozilla | nss | >= 0 < 2:3.53-1 | 2:3.53-1 |
| mozilla | nss | >= 0 < 2:3.28.4-0ubuntu0.16.04.11 | 2:3.28.4-0ubuntu0.16.04.11 |
| mozilla | nss | >= 0 < 2:3.35-2ubuntu2.8 | 2:3.35-2ubuntu2.8 |
| mozilla | nss | >= 0 < 2:3.49.1-1ubuntu1.1 | 2:3.49.1-1ubuntu1.1 |
| mozilla | nss | >= 0 < 2:3.28.4-0ubuntu0.14.04.5+esm5 | 2:3.28.4-0ubuntu0.14.04.5+esm5 |
| mozilla | thunderbird | < 68.9.0 | 68.9.0 |
| mozilla | thunderbird | >= 0 < 1:68.9.0-1 | 1:68.9.0-1 |
| mozilla | thunderbird | >= 0 < 1:68.9.0-1 | 1:68.9.0-1 |
| mozilla | thunderbird | >= 0 < 1:68.9.0-1 | 1:68.9.0-1 |
CVSS provenance
nvdv3.14.4MEDIUMCVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N
nvdv2.01.2LOWAV:L/AC:H/Au:N/C:P/I:N/A:N
osv7.5HIGH
vendor_ubuntu7.5HIGH
vendor_debian4.4MEDIUM
vendor_redhat4.4MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Thunderbird vulnerabilities
vendor_ubuntu·2020-07-08·CVSS 7.5
CVE-2020-12398 [HIGH] Thunderbird vulnerabilities
Title: Thunderbird vulnerabilities
Summary: Several security issues were fixed in Thunderbird.
Multiple security issues were discovered in Thunderbird. If a user were
tricked in to opening a specially crafted website in a browsing context,
an attacker could potentially exploit these to cause a denial of service,
obtain sensitive information, or execute arbtirary code. (CVE-2020-12405,
CVE-2020-12406, CVE-2020-12410, CVE-2020-12417, CVE-2020-12418,
CVE-2020-12419, CVE-2020-12420)
It was discovered that Thunderbird would continue an unencrypted
connection when configured to use STARTTLS for IMAP if the server
responded with PREAUTH. A remote attacker could potentially exploit
this to perform a person-in-the-middle attack in order to obtain
sensitive information. (CVE-2020-12398)
It was d
Ubuntu
NSS vulnerability
vendor_ubuntu·2020-06-17·CVSS 4.4
CVE-2020-12399 [MEDIUM] NSS vulnerability
Title: NSS vulnerability
Summary: NSS could be made to expose sensitive information over the
network.
USN-4397-1 fixed a vulnerability in NSS. This update provides
the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.
Original advisory details:
Cesar Pereida Garcia discovered that NSS incorrectly handled DSA key
generation. A local attacker could possibly use this issue to perform a
timing attack and recover DSA keys. (CVE-2020-12399)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
Ubuntu
NSS vulnerabilities
vendor_ubuntu·2020-06-16·CVSS 6.5
CVE-2019-17023 [MEDIUM] NSS vulnerabilities
Title: NSS vulnerabilities
Summary: Several security issues were fixed in NSS.
It was discovered that NSS incorrectly handled the TLS State Machine. A
remote attacker could possibly use this issue to cause NSS to hang,
resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS
and Ubuntu 19.10. (CVE-2019-17023)
Cesar Pereida Garcia discovered that NSS incorrectly handled DSA key
generation. A local attacker could possibly use this issue to perform a
timing attack and recover DSA keys. (CVE-2020-12399)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
Ubuntu
Firefox vulnerabilities
vendor_ubuntu·2020-06-04·CVSS 4.4
CVE-2020-12399 [MEDIUM] Firefox vulnerabilities
Title: Firefox vulnerabilities
Summary: Firefox could be made to crash or run programs as your login if it
opened a malicious website.
Multiple security issues were discovered in Firefox. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, spoof the
addressbar, or execute arbitrary code. (CVE-2020-12405, CVE-2020-12406,
CVE-2020-12407, CVE-2020-12408, CVE-2020-12409, CVE-2020-12410,
CVE-2020-12411)
It was discovered that NSS showed timing differences when performing DSA
signatures. An attacker could potentially exploit this to obtain private
keys using a timing attack. (CVE-2020-12399)
Instructions: After a standard system update you need to restart Firefox to make
all the necessary changes.
Red Hat
nss: Timing attack on DSA signature generation
vendor_redhat·2020-05-21·CVSS 4.4
CVE-2020-12399 [MEDIUM] CWE-327 nss: Timing attack on DSA signature generation
nss: Timing attack on DSA signature generation
NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.
A flaw was found in the DSA signature generation function in nss. During the process of generating a DSA signature, the nonce value 'k' is not padded, exposing the bit length. Combined with other techniques, this can result in the recovery of the DSA private key. The highest threat from this vulnerability is to data confidentiality.
Statement: A timing attack was found in the way NSS generated DSA signatures. A man-in-the-middle attacker could use this attack during DSA signature generation to recover the private key. This attack
Debian
CVE-2020-12399: firefox - NSS has shown timing differences when performing DSA signatures, which was explo...
vendor_debian·2020·CVSS 4.4
CVE-2020-12399 [MEDIUM] CVE-2020-12399: firefox - NSS has shown timing differences when performing DSA signatures, which was explo...
NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.
Scope: local
sid: resolved (fixed in 77.0-1)
Mozilla
Mozilla Foundation Security Advisory 2020-21: CVE-2020-12399
vendor_mozilla·CVSS 4.4
CVE-2020-12399 [MEDIUM] Mozilla Foundation Security Advisory 2020-21: CVE-2020-12399
Mozilla Foundation Security Advisory 2020-21
CVE: CVE-2020-12399
Product: Firefox ESR
Impact: high
Fixed in: Firefox ESR 68.9
Mozilla
Mozilla Foundation Security Advisory 2020-22: CVE-2020-12399
vendor_mozilla·CVSS 4.4
CVE-2020-12399 [MEDIUM] Mozilla Foundation Security Advisory 2020-22: CVE-2020-12399
Mozilla Foundation Security Advisory 2020-22
CVE: CVE-2020-12399
Product: Thunderbird
Impact: high
Fixed in: Thunderbird 68.9
Mozilla
Mozilla Foundation Security Advisory 2020-20: CVE-2020-12399
vendor_mozilla·CVSS 4.4
CVE-2020-12399 [MEDIUM] Mozilla Foundation Security Advisory 2020-20: CVE-2020-12399
Mozilla Foundation Security Advisory 2020-20
CVE: CVE-2020-12399
Product: Firefox
Impact: high
Fixed in: Firefox 77
GHSA
GHSA-fq62-4j88-qq7x: NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys
ghsa_unreviewed·2022-05-24
CVE-2020-12399 [MEDIUM] CWE-203 GHSA-fq62-4j88-qq7x: NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys
NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.
OSV
CVE-2020-12399: NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys
osv·2020-07-09·CVSS 4.4
CVE-2020-12399 [MEDIUM] CVE-2020-12399: NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys
NSS has shown timing differences when performing DSA signatures, which was exploitable and could eventually leak private keys. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.
OSV
thunderbird vulnerabilities
osv·2020-07-08·CVSS 7.5
CVE-2020-12405 [HIGH] thunderbird vulnerabilities
thunderbird vulnerabilities
Multiple security issues were discovered in Thunderbird. If a user were
tricked in to opening a specially crafted website in a browsing context,
an attacker could potentially exploit these to cause a denial of service,
obtain sensitive information, or execute arbtirary code. (CVE-2020-12405,
CVE-2020-12406, CVE-2020-12410, CVE-2020-12417, CVE-2020-12418,
CVE-2020-12419, CVE-2020-12420)
It was discovered that Thunderbird would continue an unencrypted
connection when configured to use STARTTLS for IMAP if the server
responded with PREAUTH. A remote attacker could potentially exploit
this to perform a person-in-the-middle attack in order to obtain
sensitive information. (CVE-2020-12398)
It was discovered that NSS showed timing differences when performing DSA
sig
OSV
nss vulnerability
osv·2020-06-17·CVSS 4.4
CVE-2020-12399 [MEDIUM] nss vulnerability
nss vulnerability
USN-4397-1 fixed a vulnerability in NSS. This update provides
the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.
Original advisory details:
Cesar Pereida Garcia discovered that NSS incorrectly handled DSA key
generation. A local attacker could possibly use this issue to perform a
timing attack and recover DSA keys. (CVE-2020-12399)
OSV
nss vulnerabilities
osv·2020-06-16·CVSS 6.5
CVE-2019-17023 [MEDIUM] nss vulnerabilities
nss vulnerabilities
It was discovered that NSS incorrectly handled the TLS State Machine. A
remote attacker could possibly use this issue to cause NSS to hang,
resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS
and Ubuntu 19.10. (CVE-2019-17023)
Cesar Pereida Garcia discovered that NSS incorrectly handled DSA key
generation. A local attacker could possibly use this issue to perform a
timing attack and recover DSA keys. (CVE-2020-12399)
OSV
firefox vulnerabilities
osv·2020-06-04·CVSS 4.4
CVE-2020-12405 [MEDIUM] firefox vulnerabilities
firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, spoof the
addressbar, or execute arbitrary code. (CVE-2020-12405, CVE-2020-12406,
CVE-2020-12407, CVE-2020-12408, CVE-2020-12409, CVE-2020-12410,
CVE-2020-12411)
It was discovered that NSS showed timing differences when performing DSA
signatures. An attacker could potentially exploit this to obtain private
keys using a timing attack. (CVE-2020-12399)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2020-12399 nss: Timing attack on DSA signature generation [fedora-all]
bugzilla·2020-05-21·CVSS 4.4
CVE-2020-12399 [MEDIUM] CVE-2020-12399 nss: Timing attack on DSA signature generation [fedora-all]
CVE-2020-12399 nss: Timing attack on DSA signature generation [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of
Bugzilla
CVE-2020-12399 nss: Timing attack on DSA signature generation
bugzilla·2020-04-21·CVSS 4.4
CVE-2020-12399 [MEDIUM] CVE-2020-12399 nss: Timing attack on DSA signature generation
CVE-2020-12399 nss: Timing attack on DSA signature generation
During DSA signature generation in the function `dsa_SignDigest`, the nonce value `k` is not padded, exposing the bit length of `k`, i.e. the most significant bits (MSBs) of the nonce. Combined with other techniques this can result in DSA private keys recovery.
Discussion:
OpenShift 4.x only packages nss-altfiles and has been confirmed to *not* share any of the vulnerable signature code:
- nss-altfiles only reads information from files in the same format as /etc/passwd and /etc/group.
---
Upstream patch: https://hg.mozilla.org/projects/nss/rev/daa823a4a29bcef0fec33a379ec83857429aea2e
Upstream bug (still private): https://bugzilla.mozilla.org/show_bug.cgi?id=1631576
---
Acknowledgments:
Name: the Mozilla Project
Upstream:
Bugzilla
Timing attack on DSA on NSS library
bugzilla·2020-04-20
Timing attack on DSA on NSS library
Timing attack on DSA on NSS library
Created attachment 9141833
timings.pdf
[filed from mail to security@ from Cesar Pereida Garcia]
Dear NSS and Red Hat folks,
We are a team of security researchers in Finland and we would like to report a vulnerability affecting the DSA signature generation path in NSS.
The vulnerability leaks enough information to recover DSA private keys via a timing attack and a lattice calculation.
### Timing attack strikes once more ###
Affecting NSS latests branch.
This attack draws inspiration from the attacks presented in [1] and [2].
During DSA signature generation in the function `dsa_SignDigest`, the nonce value `k` is not padded, exposing the bit length of `k`,
i.e. the most significant bits (MSBs) of the nonce.
Similar to [1], the regularity of the modula
Bugzilla
CVE-2019-12399 kafka: Connect REST API exposes plaintext secrets in tasks endpoint
bugzilla·2020-01-30·CVSS 7.5
CVE-2019-12399 [HIGH] CVE-2019-12399 kafka: Connect REST API exposes plaintext secrets in tasks endpoint
CVE-2019-12399 kafka: Connect REST API exposes plaintext secrets in tasks endpoint
When Connect workers in Apache Kafka 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.2.1, or 2.3.0 are configured with one or more config providers, and a connector is created/updated on that Connect cluster to use an externalized secret variable in a substring of a connector configuration property value, then any client can issue a request to the same Connect cluster to obtain the connector's task configuration and the response will contain the plaintext secret rather than the externalized secrets variables.
References:
https://lists.apache.org/thread.html/r6af5ed95726874e9add022955be83c192428c248d1c9a1914aff89d9@%3Cannounce.apache.org%3E
http://www.openwall.com/lists/oss-security/2020/01/14/1
Discussion:
This iss
https://bugzilla.mozilla.org/show_bug.cgi?id=1631576https://lists.debian.org/debian-lts-announce/2020/09/msg00029.htmlhttps://security.gentoo.org/glsa/202007-49https://usn.ubuntu.com/4421-1/https://www.debian.org/security/2020/dsa-4726https://www.mozilla.org/security/advisories/mfsa2020-20/https://www.mozilla.org/security/advisories/mfsa2020-21/https://www.mozilla.org/security/advisories/mfsa2020-22/https://bugzilla.mozilla.org/show_bug.cgi?id=1631576https://lists.debian.org/debian-lts-announce/2020/09/msg00029.htmlhttps://security.gentoo.org/glsa/202007-49https://usn.ubuntu.com/4421-1/https://www.debian.org/security/2020/dsa-4726https://www.mozilla.org/security/advisories/mfsa2020-20/https://www.mozilla.org/security/advisories/mfsa2020-21/https://www.mozilla.org/security/advisories/mfsa2020-22/
2020-07-09
Published