#VU32328 Cryptographic issues in Mozilla NSS - CVE-2016-1938
Published: January 31, 2016 / Updated: July 28, 2020
Vulnerability identifier: #VU32328
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2016-1938
CWE-ID: CWE-310
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Mozilla NSS
Mozilla NSS
Software vendor:
Mozilla
Mozilla
Description
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, improperly divides numbers, which might make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging use of the (1) mp_div or (2) mp_exptmod function.
Remediation
Install update from vendor's website.
External links
- http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html
- http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html
- http://www.debian.org/security/2016/dsa-3688
- http://www.mozilla.org/security/announce/2016/mfsa2016-07.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
- http://www.securityfocus.com/bid/81955
- http://www.securityfocus.com/bid/91787
- http://www.securitytracker.com/id/1034825
- http://www.ubuntu.com/usn/USN-2880-1
- http://www.ubuntu.com/usn/USN-2880-2
- http://www.ubuntu.com/usn/USN-2903-1
- http://www.ubuntu.com/usn/USN-2903-2
- http://www.ubuntu.com/usn/USN-2973-1
- https://blog.fuzzing-project.org/37-Mozilla-NSS-Wrong-calculation-results-in-mp_div-and-mp_exptmod.html
- https://bugzilla.mozilla.org/show_bug.cgi?id=1190248
- https://bugzilla.mozilla.org/show_bug.cgi?id=1194947
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21_release_notes
- https://github.com/hannob/bignum-fuzz/blob/master/CVE-2016-1938-nss-mp_div.c
- https://github.com/hannob/bignum-fuzz/blob/master/CVE-2016-1938-nss-mp_exptmod.c
- https://hg.mozilla.org/projects/nss/diff/a555bf0fc23a/lib/freebl/mpi/mpi.c
- https://security.gentoo.org/glsa/201605-06
- https://security.gentoo.org/glsa/201701-46