nspr-4.25.0-2.el7, nss-softokn-3.53.1-6.el7, nss-3.53.1-3.0.1.el7.AXS7, nss-util-3.53.1-1.el7

エラータID: AXSA:2020-683:02

リリース日: 
2020/10/23 Friday - 09:53
題名: 
nspr-4.25.0-2.el7, nss-softokn-3.53.1-6.el7, nss-3.53.1-3.0.1.el7.AXS7, nss-util-3.53.1-1.el7
影響のあるチャネル: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

- nss は、 PKCS#8 形式の curve25519 プライベートキーを先頭に 0x00 を付けて
インポートすると、ネットワークセキュリティサービス(NSS)ライブラリ内で
境界外読み込みを引き起こす可能性があり、情報を開示してしまう脆弱性があります。
(CVE-2019-11719)

- nss には、PKCS#1 v1.5形式の署名がTLS1.3 で CertificateRequest 中のサーバーによって
アドバタイズされた唯一のものである場合、PKCS#1 v1.5形式の署名を使い、
ネットワークセキュリティサービス(NSS)に強制的に CertificateVerify に署名させる
脆弱性があります。(CVE-2019-11727)

- nss には不適切なソフトトークンのセッションオブジェクトの参照カウントの問題があり、
解放後使用(user-after-free)と(サービス拒否に限定される可能性が高い)クラッシュの
原因となる脆弱性があります。(CVE-2019-11756)

- nss には、 HelloRetryRequest を送った直後にクライアントが TLS1.3 未満のプロトコルを
ネゴシエートすることで、TLSステートマシン内で無効な状態遷移を引き起し、
クライアントがこの状態になっていると、着信したアプリケーションデータの記録が
無視されてしまう脆弱性があります。(CVE-2019-17023)

- nss は座標を projective から affine に変換する際、モジュラ反転が一定の時間で
実行されないため、タイミングに基づいたサイドチャネル攻撃を受けるかも知れない
脆弱性があります。(CVE-2020-12400)

- nss は ECDSA 署名を生成している間、スカラ乗算を定数時間で終わることを
保証するために設計された nonce に適用されるパディングが除去されていたため、
実行時間が秘密情報に依存し、変化してしまう脆弱性があります。(CVE-2020-12401)

- nss は RSA キーを生成している間、BIGNUM の実装に入力依存フローを
明確に必要とするバイナリ拡張ユークリッド互除法の変種を使用するため、
攻撃者が電磁ベースのサイドチャネル攻撃を実行し、重要な秘密を復元するために
レコードをトレースされてしまう脆弱性があります。(CVE-2020-12402)

現時点では CVE-2019-17006, CVE-2020-12403, CVE-2020-6829の情報が公開されておりません。
CVE の情報が公開され次第情報をアップデートいたします。

解決策: 

Update packages.

CVE: 
CVE-2019-11719
When importing a curve25519 private key in PKCS#8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services (NSS) library. This could lead to information disclosure. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
CVE-2019-11727
A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages. This vulnerability affects Firefox < 68.
CVE-2019-11756
Improper refcounting of soft token session objects could cause a use-after-free and crash (likely limited to a denial of service). This vulnerability affects Firefox < 71.
CVE-2019-17006
In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.
CVE-2019-17023
After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored. This vulnerability affects Firefox < 72.
CVE-2020-12400
When converting coordinates from projective to affine, the modular inversion was not performed in constant time, resulting in a possible timing-based side channel attack. This vulnerability affects Firefox < 80 and Firefox for Android < 80.
CVE-2020-12401
During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulting in variable-time execution dependent on secret data. This vulnerability affects Firefox < 80 and Firefox for Android < 80.
CVE-2020-12402
During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secret primes. *Note:* An unmodified Firefox browser does not generate RSA keys in normal operation and is not affected, but products built on top of it might. This vulnerability affects Firefox < 78.
CVE-2020-12403
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2020-6829
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. nspr-4.25.0-2.el7.src.rpm
    MD5: 163dcc2f3647ef8b03aa0b5f81677ed4
    SHA-256: 973e9d75482397c0a1ca389cd9093e78f8661d1c602e10934fc4b224a55d8fc7
    Size: 1.05 MB
  2. nss-softokn-3.53.1-6.el7.src.rpm
    MD5: 0d4e4aef665d4f3b4cb57a639c71284d
    SHA-256: a8d61e5422127ca72cdc0e811eafb755b37ca14870bd519bdf0b68cd736c939e
    Size: 67.22 MB
  3. nss-3.53.1-3.0.1.el7.AXS7.src.rpm
    MD5: 3ca26fe2cc8d3751e39a4897f744df96
    SHA-256: 32596bd7a49a79cd2415baf60e125cd454ba7745f80512b1cda3151e5381cc6a
    Size: 77.67 MB
  4. nss-util-3.53.1-1.el7.src.rpm
    MD5: 89c79c776a86d5a7e4ba7defba07f359
    SHA-256: b824ce9a5abd4113e9112112f63aed05a1f92308c6c00b0749616e81258456dd
    Size: 19.80 MB

Asianux Server 7 for x86_64
  1. nspr-4.25.0-2.el7.x86_64.rpm
    MD5: 05e0e6fd0267d9452dc08856d8e1fc4a
    SHA-256: a53ea38635114daea5202e67c25ae2257d632d424239732a8b011d758c0443c0
    Size: 125.93 kB
  2. nspr-devel-4.25.0-2.el7.x86_64.rpm
    MD5: ebbe38d388bc9e9cc0a222d3b5922c50
    SHA-256: 855eba3fb0307aa9a8148d03a8c1c9c5ace2c49ffe314a993cab29202a71c040
    Size: 113.20 kB
  3. nss-softokn-3.53.1-6.el7.x86_64.rpm
    MD5: 9aab4fe496b94ec8623896f2c55eee07
    SHA-256: 3bea9d9a1f85fa20560a6bb7a9795da0704bd6b9f8cb9542534041e082a57fb1
    Size: 353.21 kB
  4. nss-softokn-devel-3.53.1-6.el7.x86_64.rpm
    MD5: d5f136352072d904fce8d9daff566ce6
    SHA-256: 32f51657cd856e9929f86b6d3cd5b5e4c20ca099c39b2863082495e43c1709a0
    Size: 29.97 kB
  5. nss-softokn-freebl-3.53.1-6.el7.x86_64.rpm
    MD5: 0db94bc9331b38405ecb0d5dc35ff1bb
    SHA-256: a424a9fa28c2ff8eff772bd30b772468b0e5b877689c3861492e546cdde0d159
    Size: 321.10 kB
  6. nss-softokn-freebl-devel-3.53.1-6.el7.x86_64.rpm
    MD5: d477fe7868ede705c98240e8913e9d28
    SHA-256: 09215777d7056fb1dbf994b4a80ee20cff5ca9b71aa48a34b036162503996817
    Size: 60.89 kB
  7. nss-3.53.1-3.0.1.el7.AXS7.x86_64.rpm
    MD5: d29f43c90bd358a3d12088338ce60116
    SHA-256: c9671aa8162a0dfbaa785a92cc8c31d60fa8e9b79946ee3aa12ea6cd54180fb4
    Size: 867.94 kB
  8. nss-devel-3.53.1-3.0.1.el7.AXS7.x86_64.rpm
    MD5: 390a9f57f9170d2efe495e2beebdc14d
    SHA-256: 51d7181d56fb042b4d2b6ce7f51a7d8e43c688fa1914d0f3f9c9faf8b3c64eb6
    Size: 239.19 kB
  9. nss-sysinit-3.53.1-3.0.1.el7.AXS7.x86_64.rpm
    MD5: 971b68609876b2c2fbe5d8f4896214cd
    SHA-256: 757dc43f2949f7cbe4170ee822eb7e63ede542aeccab87f7639cb17e9a7f5462
    Size: 64.59 kB
  10. nss-tools-3.53.1-3.0.1.el7.AXS7.x86_64.rpm
    MD5: 4dfab147b25b23e3978551970f6deba0
    SHA-256: 1f2870650cb5d3e8e45b6e5fb1d67904d99b94fe6af439f51fea72cf9d8670d3
    Size: 534.09 kB
  11. nss-util-3.53.1-1.el7.x86_64.rpm
    MD5: 3d9f2f93cfa3ea6fc95fceb941925ed7
    SHA-256: 5d2e95790c337f7ef8d3dfe516c65eb3e2cd36d2789be66936f0ac7988c9bcc8
    Size: 78.14 kB
  12. nss-util-devel-3.53.1-1.el7.x86_64.rpm
    MD5: a21bb569e64dfec71126cb0cd276f350
    SHA-256: 75bb3401d9ff2fe53398b16d9064a1761e49ad5927fecd1ffb72d4e01e0427e2
    Size: 80.09 kB
  13. nspr-4.25.0-2.el7.i686.rpm
    MD5: c28ebdd5cd182921ad479affcbb75920
    SHA-256: a910ddaf832a6056e347c65f11d7c02589da55f2922c8441ce77173ac27d03e9
    Size: 127.61 kB
  14. nspr-devel-4.25.0-2.el7.i686.rpm
    MD5: 9195414a6e6fc4315d8f83d5a1cfa593
    SHA-256: 0d37544066cb24f7cde9d22558019456a1574aaa91560301d033bc27fc2a00b3
    Size: 113.25 kB
  15. nss-softokn-3.53.1-6.el7.i686.rpm
    MD5: 1bc097651ff4045878cae295888f5830
    SHA-256: 8a6b57b4f36f9949dcfbb21085a991586a9e9f9b7894f8c66f784d5436fdf575
    Size: 360.54 kB
  16. nss-softokn-devel-3.53.1-6.el7.i686.rpm
    MD5: 6bafc32b3f9ae2526892d22d13cd5654
    SHA-256: aa7111ef28cb5f5924f87ab3d60c4ac905843eb853b03fc34cc348afec1ee2ee
    Size: 30.01 kB
  17. nss-softokn-freebl-3.53.1-6.el7.i686.rpm
    MD5: 8b650145345e8ec93ab1dab3f06298a8
    SHA-256: e1ffb51ad983e451e44418709aed671bba239dc7aa5da81aa0bbce5b9c65d2f0
    Size: 320.59 kB
  18. nss-softokn-freebl-devel-3.53.1-6.el7.i686.rpm
    MD5: b7cf5ba1b9c45563fb72c89fa2106eb5
    SHA-256: 690f294ff68db9aef765dc5e5e4c32227cf0d8b5e839995abb841a138e869e7d
    Size: 59.91 kB
  19. nss-3.53.1-3.0.1.el7.AXS7.i686.rpm
    MD5: f9cc0ff370303aa2a79d00620e85209a
    SHA-256: 16dc957c86813a22d0548c203f450803cc5f829836ad34b8541e05ef2bc10748
    Size: 868.45 kB
  20. nss-devel-3.53.1-3.0.1.el7.AXS7.i686.rpm
    MD5: 983c2cec828398e0cbca7b190fb26576
    SHA-256: 09a0298f3c47df12cf4253d4bda6614b8b080d29ac855efe7e79135fb2e501ac
    Size: 240.64 kB
  21. nss-util-3.53.1-1.el7.i686.rpm
    MD5: b8ef15702b98971a53c61d4aa8d21277
    SHA-256: 84a2a108f6718d8691ee9d4b868decd21809d126ee34dfd6d156339db57a5895
    Size: 76.62 kB
  22. nss-util-devel-3.53.1-1.el7.i686.rpm
    MD5: cba47eb4422b86ba1effb822c800d146
    SHA-256: c8fcd275efe65e274031a27fc8bf7c9b5a8623b471e56eb16e6fc71ff01ab635
    Size: 80.13 kB