Skip to content

OSG-SEC-2021-12-02 CRITICAL Severity RCE Vulnerability in NSS

Dear OSG Security Contacts,

A remote code execution flaw was found in the way NSS verifies certificates. This flaw allows an attacker posing as an SSL/TLS server to trigger this issue in a client application compiled with NSS when it tries to initiate an SSL/TLS connection. The highest threat to this vulnerability is confidentiality, integrity, as well as system availability. The OSG Security Team considers this vulnerability to be of CRITICAL severity.

IMPACTED VERSIONS

Any software using the Network Security Services (NSS) libraries, including but not limited to: CentOS 7, 8, and other RHEL Derivatives Red Hat Virtualization 4 Red Hat Enterprise Linux 6 Extended Lifecycle Support Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 8.4

WHAT ARE THE VULNERABILITIES

CVE-2021-43527 [1]

Red Hat provided this information: A remote code execution flaw was found in the way NSS verifies certificates. This flaw allows an attacker posing as an SSL/TLS server to trigger this issue in a client application compiled with NSS when it tries to initiate an SSL/TLS connection. Similarly, a server application compiled with NSS, which processes client certificates, can receive a malicious certificate via a client, triggering the flaw. The highest threat to this vulnerability is confidentiality, integrity, as well as system availability.

WHAT YOU SHOULD DO

Update the NSS library packages and restart software like Firefox that uses them. Redhat has released fixes and other vendors will be releasing updates shortly.

https://googleprojectzero.blogspot.com/2021/12/this-shouldnt-have-happened.html https://access.redhat.com/errata/RHSA-2021:4903 https://access.redhat.com/errata/RHSA-2021:4904 https://access.redhat.com/errata/RHSA-2021:4907 https://access.redhat.com/errata/RHSA-2021:4909 http://mirror.centos.org/centos-7/7/os/x86_64/Packages/?C=M;O=D http://mirror.centos.org/centos/8/BaseOS/x86_64/os/Packages/

REFERENCES

[1] https://access.redhat.com/security/cve/CVE-2021-43527

Please contact the OSG security team immediately at [email protected] if you have any questions or concerns.

OSG Security Team