CVE-2021-43527
Description
NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL functionality may be impacted, depending on how they configure NSS. *Note: This vulnerability does NOT impact Mozilla Firefox.* However, email clients and PDF viewers that use NSS for signature verification, such as Thunderbird, LibreOffice, Evolution and Evince are believed to be impacted. This vulnerability affects NSS < 3.73 and NSS < 3.68.1.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
5.243
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| CVE-2021-43527 Memory corruption vulnerability in LibreOffice | Windows |
| Multiple vulnerabilities fixed in Mozilla Thunderbird (91) (91.4.0) | Windows |
| Multiple vulnerabilities fixed in Mozilla Thunderbird (91) (x64) (91.4.0) | Windows |
| Network Security Service library (USN-5168-1) libnss3_3.61-1ubuntu2.1_i386.deb | Linux |
| Network Security Service library (USN-5168-1) libnss3_3.61-1ubuntu2.1_amd64.deb | Linux |
| Network Security Service library (USN-5168-1) libnss3_3.68-1ubuntu1.1_i386.deb | Linux |
| Network Security Service library (USN-5168-1) libnss3_3.68-1ubuntu1.1_amd64.deb | Linux |
| Network Security Service library (USN-5168-1) libnss3_3.35-2ubuntu2.13_i386.deb | Linux |
| Network Security Service library (USN-5168-1) libnss3_3.35-2ubuntu2.13_amd64.deb | Linux |
| Network Security Service library (USN-5168-1) libnss3_3.49.1-1ubuntu1.6_i386.deb | Linux |
| Network Security Service library (USN-5168-1) libnss3_3.49.1-1ubuntu1.6_amd64.deb | Linux |
| (RHSA-2021:4903) nss security update nss-3.67.0-7.el8_5.i686.rpm | Linux |
| (RHSA-2021:4903) nss security update nss-3.67.0-7.el8_5.x86_64.rpm | Linux |
| (RHSA-2021:4903) nss security update nss-debugsource-3.67.0-7.el8_5.i686.rpm | Linux |
| (RHSA-2021:4903) nss security update nss-debugsource-3.67.0-7.el8_5.x86_64.rpm | Linux |
| (RHSA-2021:4903) nss security update nss-devel-3.67.0-7.el8_5.i686.rpm | Linux |
| (RHSA-2021:4903) nss security update nss-devel-3.67.0-7.el8_5.x86_64.rpm | Linux |
| (RHSA-2021:4903) nss security update nss-softokn-3.67.0-7.el8_5.i686.rpm | Linux |
| (RHSA-2021:4903) nss security update nss-softokn-3.67.0-7.el8_5.x86_64.rpm | Linux |
| (RHSA-2021:4903) nss security update nss-softokn-devel-3.67.0-7.el8_5.i686.rpm | Linux |
| (RHSA-2021:4903) nss security update nss-softokn-devel-3.67.0-7.el8_5.x86_64.rpm | Linux |
| (RHSA-2021:4903) nss security update nss-softokn-freebl-3.67.0-7.el8_5.i686.rpm | Linux |
| (RHSA-2021:4903) nss security update nss-softokn-freebl-3.67.0-7.el8_5.x86_64.rpm | Linux |
| (RHSA-2021:4903) nss security update nss-softokn-freebl-devel-3.67.0-7.el8_5.i686.rpm | Linux |
| (RHSA-2021:4903) nss security update nss-softokn-freebl-devel-3.67.0-7.el8_5.x86_64.rpm | Linux |
| (RHSA-2021:4903) nss security update nss-sysinit-3.67.0-7.el8_5.x86_64.rpm | Linux |
| (RHSA-2021:4903) nss security update nss-tools-3.67.0-7.el8_5.x86_64.rpm | Linux |
| (RHSA-2021:4903) nss security update nss-util-3.67.0-7.el8_5.i686.rpm | Linux |
| (RHSA-2021:4903) nss security update nss-util-3.67.0-7.el8_5.x86_64.rpm | Linux |
| (RHSA-2021:4903) nss security update nss-util-devel-3.67.0-7.el8_5.i686.rpm | Linux |
| (RHSA-2021:4903) nss security update nss-util-devel-3.67.0-7.el8_5.x86_64.rpm | Linux |
| (RHSA-2021:4904) nss security update nss-3.67.0-4.el7_9.i686.rpm | Linux |
| (RHSA-2021:4904) nss security update nss-3.67.0-4.el7_9.x86_64.rpm | Linux |
| (RHSA-2021:4904) nss security update nss-devel-3.67.0-4.el7_9.i686.rpm | Linux |
| (RHSA-2021:4904) nss security update nss-devel-3.67.0-4.el7_9.x86_64.rpm | Linux |
| (RHSA-2021:4904) nss security update nss-pkcs11-devel-3.67.0-4.el7_9.i686.rpm | Linux |
| (RHSA-2021:4904) nss security update nss-pkcs11-devel-3.67.0-4.el7_9.x86_64.rpm | Linux |
| (RHSA-2021:4904) nss security update nss-sysinit-3.67.0-4.el7_9.x86_64.rpm | Linux |
| (RHSA-2021:4904) nss security update nss-tools-3.67.0-4.el7_9.x86_64.rpm | Linux |
| Nss update (ELSA-2021-4903) nss-3.67.0-7.el8_5.i686.rpm | Linux |
| Nss update (ELSA-2021-4903) nss-3.67.0-7.el8_5.x86_64.rpm | Linux |
| Nss-devel update (ELSA-2021-4903) nss-devel-3.67.0-7.el8_5.i686.rpm | Linux |
| Nss-devel update (ELSA-2021-4903) nss-devel-3.67.0-7.el8_5.x86_64.rpm | Linux |
| Nss-softokn update (ELSA-2021-4903) nss-softokn-3.67.0-7.el8_5.i686.rpm | Linux |
| Nss-softokn update (ELSA-2021-4903) nss-softokn-3.67.0-7.el8_5.x86_64.rpm | Linux |
| Nss-softokn-devel update (ELSA-2021-4903) nss-softokn-devel-3.67.0-7.el8_5.i686.rpm | Linux |
| Nss-softokn-devel update (ELSA-2021-4903) nss-softokn-devel-3.67.0-7.el8_5.x86_64.rpm | Linux |
| Nss-softokn-freebl update (ELSA-2021-4903) nss-softokn-freebl-3.67.0-7.el8_5.i686.rpm | Linux |
| Nss-softokn-freebl update (ELSA-2021-4903) nss-softokn-freebl-3.67.0-7.el8_5.x86_64.rpm | Linux |
| Nss-softokn-freebl-devel update (ELSA-2021-4903) nss-softokn-freebl-devel-3.67.0-7.el8_5.i686.rpm | Linux |
| Nss-softokn-freebl-devel update (ELSA-2021-4903) nss-softokn-freebl-devel-3.67.0-7.el8_5.x86_64.rpm | Linux |
| Nss-sysinit update (ELSA-2021-4903) nss-sysinit-3.67.0-7.el8_5.x86_64.rpm | Linux |
| Nss-tools update (ELSA-2021-4903) nss-tools-3.67.0-7.el8_5.x86_64.rpm | Linux |
| Nss-util update (ELSA-2021-4903) nss-util-3.67.0-7.el8_5.i686.rpm | Linux |
| Nss-util update (ELSA-2021-4903) nss-util-3.67.0-7.el8_5.x86_64.rpm | Linux |
| Nss-util-devel update (ELSA-2021-4903) nss-util-devel-3.67.0-7.el8_5.i686.rpm | Linux |
| Nss-util-devel update (ELSA-2021-4903) nss-util-devel-3.67.0-7.el8_5.x86_64.rpm | Linux |
| SUSE-SU-2021:3939-1(SUSE Linux Enterprise Server 12-SP5 ) libfreebl3-3.68.1-58.57.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3939-1(SUSE Linux Enterprise Server 12-SP5 ) libfreebl3-32bit-3.68.1-58.57.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3939-1(SUSE Linux Enterprise Server 12-SP5 ) libfreebl3-debuginfo-3.68.1-58.57.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3939-1(SUSE Linux Enterprise Server 12-SP5 ) libfreebl3-debuginfo-32bit-3.68.1-58.57.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3939-1(SUSE Linux Enterprise Server 12-SP5 ) libfreebl3-hmac-3.68.1-58.57.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3939-1(SUSE Linux Enterprise Server 12-SP5 ) libfreebl3-hmac-32bit-3.68.1-58.57.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3939-1(SUSE Linux Enterprise Server 12-SP5 ) libsoftokn3-3.68.1-58.57.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3939-1(SUSE Linux Enterprise Server 12-SP5 ) libsoftokn3-32bit-3.68.1-58.57.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3939-1(SUSE Linux Enterprise Server 12-SP5 ) libsoftokn3-debuginfo-3.68.1-58.57.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3939-1(SUSE Linux Enterprise Server 12-SP5 ) libsoftokn3-debuginfo-32bit-3.68.1-58.57.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3939-1(SUSE Linux Enterprise Server 12-SP5 ) libsoftokn3-hmac-3.68.1-58.57.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3939-1(SUSE Linux Enterprise Server 12-SP5 ) libsoftokn3-hmac-32bit-3.68.1-58.57.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3939-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-3.68.1-58.57.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3939-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-32bit-3.68.1-58.57.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3939-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-certs-3.68.1-58.57.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3939-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-certs-32bit-3.68.1-58.57.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3939-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-certs-debuginfo-3.68.1-58.57.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3939-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-certs-debuginfo-32bit-3.68.1-58.57.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3939-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-debuginfo-3.68.1-58.57.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3939-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-debuginfo-32bit-3.68.1-58.57.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3939-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-debugsource-3.68.1-58.57.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3939-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-devel-3.68.1-58.57.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3939-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-sysinit-3.68.1-58.57.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3939-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-sysinit-32bit-3.68.1-58.57.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3939-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-sysinit-debuginfo-3.68.1-58.57.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3939-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-sysinit-debuginfo-32bit-3.68.1-58.57.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3939-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-tools-3.68.1-58.57.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3939-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-tools-debuginfo-3.68.1-58.57.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) libfreebl3-3.79-58.75.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) libfreebl3-32bit-3.79-58.75.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) libfreebl3-debuginfo-3.79-58.75.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) libfreebl3-debuginfo-32bit-3.79-58.75.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) libfreebl3-hmac-3.79-58.75.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) libfreebl3-hmac-32bit-3.79-58.75.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) libsoftokn3-3.79-58.75.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) libsoftokn3-32bit-3.79-58.75.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) libsoftokn3-debuginfo-3.79-58.75.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) libsoftokn3-debuginfo-32bit-3.79-58.75.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) libsoftokn3-hmac-3.79-58.75.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) libsoftokn3-hmac-32bit-3.79-58.75.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nspr-4.34-19.21.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nspr-32bit-4.34-19.21.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nspr-debuginfo-4.34-19.21.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nspr-debuginfo-32bit-4.34-19.21.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nspr-debugsource-4.34-19.21.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nspr-devel-4.34-19.21.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-3.79-58.75.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-32bit-3.79-58.75.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-certs-3.79-58.75.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-certs-32bit-3.79-58.75.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-certs-debuginfo-3.79-58.75.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-certs-debuginfo-32bit-3.79-58.75.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-debuginfo-3.79-58.75.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-debuginfo-32bit-3.79-58.75.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-debugsource-3.79-58.75.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-devel-3.79-58.75.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-sysinit-3.79-58.75.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-sysinit-32bit-3.79-58.75.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-sysinit-debuginfo-3.79-58.75.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-sysinit-debuginfo-32bit-3.79-58.75.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-tools-3.79-58.75.1.x86_64.rpm | Linux |
| SUSE-SU-2022:2536-1(SUSE Linux Enterprise Server 12-SP5 ) mozilla-nss-tools-debuginfo-3.79-58.75.1.x86_64.rpm | Linux |
| nss security update (RLSA-2021:4903) nss-3.67.0-7.el8_5.i686.rpm | Linux |
| nss security update (RLSA-2021:4903) nss-3.67.0-7.el8_5.x86_64.rpm | Linux |
| nss security update (RLSA-2021:4903) nss-util-3.67.0-7.el8_5.i686.rpm | Linux |
| nss security update (RLSA-2021:4903) nss-util-3.67.0-7.el8_5.x86_64.rpm | Linux |
| nss security update (RLSA-2021:4903) nss-devel-3.67.0-7.el8_5.i686.rpm | Linux |
| nss security update (RLSA-2021:4903) nss-devel-3.67.0-7.el8_5.x86_64.rpm | Linux |
| nss security update (RLSA-2021:4903) nss-tools-3.67.0-7.el8_5.x86_64.rpm | Linux |
| nss security update (RLSA-2021:4903) nss-softokn-3.67.0-7.el8_5.i686.rpm | Linux |
| nss security update (RLSA-2021:4903) nss-softokn-3.67.0-7.el8_5.x86_64.rpm | Linux |
| nss security update (RLSA-2021:4903) nss-sysinit-3.67.0-7.el8_5.x86_64.rpm | Linux |
| nss security update (RLSA-2021:4903) nss-util-devel-3.67.0-7.el8_5.i686.rpm | Linux |
| nss security update (RLSA-2021:4903) nss-util-devel-3.67.0-7.el8_5.x86_64.rpm | Linux |
| nss security update (RLSA-2021:4903) nss-softokn-devel-3.67.0-7.el8_5.i686.rpm | Linux |
| nss security update (RLSA-2021:4903) nss-softokn-devel-3.67.0-7.el8_5.x86_64.rpm | Linux |
| nss security update (RLSA-2021:4903) nss-softokn-freebl-3.67.0-7.el8_5.i686.rpm | Linux |
| nss security update (RLSA-2021:4903) nss-softokn-freebl-3.67.0-7.el8_5.x86_64.rpm | Linux |
| nss security update (RLSA-2021:4903) nss-softokn-freebl-devel-3.67.0-7.el8_5.i686.rpm | Linux |
| nss security update (RLSA-2021:4903) nss-softokn-freebl-devel-3.67.0-7.el8_5.x86_64.rpm | Linux |
| nss, nss-util, nss-softokn, nspr Security Update (ALAS-2021-1722) nspr-4.32.0-1.amzn2.i686.rpm | Linux |
| nss, nss-util, nss-softokn, nspr Security Update (ALAS-2021-1722) nspr-4.32.0-1.amzn2.x86_64.rpm | Linux |
| nss, nss-util, nss-softokn, nspr Security Update (ALAS-2021-1722) nss-util-3.67.0-1.amzn2.i686.rpm | Linux |
| nss, nss-util, nss-softokn, nspr Security Update (ALAS-2021-1722) nss-util-3.67.0-1.amzn2.x86_64.rpm | Linux |
| nss, nss-util, nss-softokn, nspr Security Update (ALAS-2021-1722) nspr-devel-4.32.0-1.amzn2.x86_64.rpm | Linux |
| nss, nss-util, nss-softokn, nspr Security Update (ALAS-2021-1722) nss-util-devel-3.67.0-1.amzn2.x86_64.rpm | Linux |
| Out-of-bounds Write Vulnerability (CVE-2021-43527) | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-322725 | Mozilla Thunderbird (91) (91.4.0) |
| PATCH-322726 | Mozilla Thunderbird (91) (x64) (91.4.0) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234