April 1, 2023

Mozilla has addressed a heap-based buffer overflow vulnerability fix (CVE-2021-43527) in its cross-platform Network Security Services (NSS) set of cryptography libraries.

NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications using NSS can support SSL v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. The flaw ties the way the libraries handle DER-encoded DSA or RSA-PSS signatures in email clients and PDF viewers using vulnerable NSS versions.


The maximum size signature that this structure can handle is RSA at 2048 bytes. That’s 16384 bits, large enough to accommodate signatures from even the most ridiculously oversized keys. The question is, what happens if just make a signature that’s bigger than that? Well, it turns out the answer is memory corruption.

The untrusted signature is simply copied into this fixed-sized buffer, overwriting adjacent members with arbitrary attacker-controlled data. The bug is simple to reproduce and affects multiple algorithms. It’s believed that versions of NSS since 3.14 (released October 2012) are vulnerable. The vulnerability affects NSS versions 3.68.1 and NSS 3.73 and doesn’t impact Mozilla Firefox. The flaw was addressed with the release of NSS 3.73.0.

Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL functionality may be impacted, depending on how they configure NSS.” reads the security advisory published by Mozilla.


NSS is used by many, including AOL, Red Hat, and Google. The list of products using the library:

  • Mozilla products, including Firefox, Thunderbird, SeaMonkey, and Firefox OS.
  • AOL Instant Messenger (AIM)
  • Open-source client applications such as Evolution, Pidgin, Apache OpenOffice, and LibreOffice.
  • Red Hat Directory Server, Red Hat Certificate System, and the mod_nss SSL module for the Apache web server.
  • Oracle Communications Messaging Server and Oracle Directory Server Enterprise Edition.
  • SUSE Linux Enterprise Server supports NSS and the mod_nss SSL module for the Apache web server.

Leave a Reply

%d bloggers like this: