[arch-security] [ASA-201511-3] nss: arbitrary code execution
rgacogne at archlinux.org
Fri Nov 6 12:15:40 UTC 2015
Arch Linux Security Advisory ASA-201511-3
Date : 2015-11-06
CVE-ID : CVE-2015-7181 CVE-2015-7182
Package : nss
Type : arbitrary code execution
Remote : Yes
Link : https://wiki.archlinux.org/index.php/CVE
The package nss before version 3.20.1-1 is vulnerable to a heap-overflow
vulnerability leading to arbitrary code execution.
Upgrade to 3.20.1-1.
# pacman -Syu "nss>=3.20.1-1"
The problem has been fixed upstream in version 3.20.1.
Several issues existed within the ASN.1 decoder used by NSS for handling
streaming BER data. While the majority of NSS uses a separate,
unaffected DER decoder, several public routines also accept BER data,
and thus are affected. An attacker that successfully exploited these
issues can overflow the heap and may be able to obtain remote code
A remote attacker, by submitting crafted ASN.1 data in BER format, can
execute arbitrary code on the affected host.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 801 bytes
Desc: OpenPGP digital signature
More information about the arch-security