CVE-2023-4421 — Observable Discrepancy in Mozilla NSS

CWE-203 — Observable Discrepancy CWE-208 — Observable Timing Discrepancy10 documents8 sources

Severity

6.5MEDIUMNVD

EPSS

0.2%

top 54.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla NSS

Timeline

PublishedDec 12

Latest updateApr 11

Description

The NSS code used for checking PKCS#1 v1.5 was leaking information useful in mounting Bleichenbacher-like attacks. Both the overall correctness of the padding as well as the length of the encrypted message was leaking through timing side-channel. By sending large number of attacker-selected ciphertexts, the attacker would be able to decrypt a previously intercepted PKCS#1 v1.5 ciphertext (for example, to decrypt a TLS session that used RSA key exchange), or forge a signature using the victim's k…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages4 packages

▶CVEListV5mozilla/nssunspecified — 3.61

▶NVDmozilla/nss< 3.6.1

▶Debianmozilla/nss< 2:3.61-1+3

▶Ubuntumozilla/nss< 2:3.98-0ubuntu0.20.04.1+1

🔴Vulnerability Details

OSV

nss regression↗2024-04-11

▶

OSV

nss vulnerabilities↗2024-04-10

▶

GHSA

GHSA-3hpv-hgvq-792m: The NSS code used for checking PKCS#1 v1↗2023-12-12

▶

CVEList

CVE-2023-4421: The NSS code used for checking PKCS#1 v1↗2023-12-12

▶

OSV

CVE-2023-4421: The NSS code used for checking PKCS#1 v1↗2023-12-12

▶

📋Vendor Advisories

Ubuntu

NSS vulnerabilities↗2024-04-10

▶

Red Hat

nss: new tlsfuzzer code can still detect timing issues in RSA operations↗2023-09-13

▶

Debian

CVE-2023-4421: nss - The NSS code used for checking PKCS#1 v1.5 was leaking information useful in mou...↗2023

▶

Mozilla

Mozilla Foundation Security Advisory 2023-53: CVE-2023-4421↗

▶