Arch Linux Security Advisory ASA-201511-3 ========================================= Severity: Critical Date : 2015-11-06 CVE-ID : CVE-2015-7181 CVE-2015-7182 Package : nss Type : arbitrary code execution Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package nss before version 3.20.1-1 is vulnerable to a heap-overflow vulnerability leading to arbitrary code execution. Resolution ========== Upgrade to 3.20.1-1. # pacman -Syu "nss>=3.20.1-1" The problem has been fixed upstream in version 3.20.1. Workaround ========== None. Description =========== Several issues existed within the ASN.1 decoder used by NSS for handling streaming BER data. While the majority of NSS uses a separate, unaffected DER decoder, several public routines also accept BER data, and thus are affected. An attacker that successfully exploited these issues can overflow the heap and may be able to obtain remote code execution. Impact ====== A remote attacker, by submitting crafted ASN.1 data in BER format, can execute arbitrary code on the affected host. References ========== http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html https://access.redhat.com/security/cve/CVE-2015-7181 https://access.redhat.com/security/cve/CVE-2015-7182