FreeBSD Bugzilla – Attachment 187103 Details for
Bug 222952
security/vuxml: Document vulnerability in nss (CVE-2017-7805)
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Document vulnerability in nss
vuxml.patch (text/plain), 1.95 KB, created by
VK
on 2017-10-12 13:19:44 UTC
(
hide
)
Description:
Document vulnerability in nss
Filename:
MIME Type:
Creator:
VK
Created:
2017-10-12 13:19:44 UTC
Size:
1.95 KB
patch
obsolete
>Index: security/vuxml/vuln.xml >=================================================================== >--- security/vuxml/vuln.xml (revision 451868) >+++ security/vuxml/vuln.xml (working copy) >@@ -58,6 +58,47 @@ > * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) > --> > <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> >+ <vuln vid="e71fd9d3-af47-11e7-a633-009c02a2ab30"> >+ <topic>nss -- Use-after-free in TLS 1.2 generating handshake hashes</topic> >+ <affects> >+ <package> >+ <name>nss</name> >+ <range><lt>3.32.1</lt></range> >+ </package> >+ <package> >+ <name>linux-c6-nss</name> >+ <range><lt>3.32.1</lt></range> >+ </package> >+ <package> >+ <name>linux-c7-nss</name> >+ <range><lt>3.32.1</lt></range> >+ </package> >+ </affects> >+ <description> >+ <body xmlns="http://www.w3.org/1999/xhtml"> >+ <p>Mozilla reports:</p> >+ <blockquote cite="https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7805"> >+ <p>During TLS 1.2 exchanges, handshake hashes are generated which >+ point to a message buffer. This saved data is used for later >+ messages but in some cases, the handshake transcript can >+ exceed the space available in the current buffer, causing the >+ allocation of a new buffer. This leaves a pointer pointing to >+ the old, freed buffer, resulting in a use-after-free when >+ handshake hashes are then calculated afterwards. This can >+ result in a potentially exploitable crash.</p> >+ </blockquote> >+ </body> >+ </description> >+ <references> >+ <url>https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7805</url> >+ <cvename>CVE-2017-7805</cvename> >+ </references> >+ <dates> >+ <discovery>2017-08-04</discovery> >+ <entry>2017-10-12</entry> >+ </dates> >+ </vuln> >+ > <vuln vid="15a62f22-098a-443b-94e2-2d26c375b993"> > <topic>osip -- Improper Restriction of Operations within the Bounds of a Memory Buffer</topic> > <affects>
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=187103">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 222952
:
187103
|
187104
|
187105