Source | Text Version

QSN-4203-1: nss vulnerability

November 27, 2019

Summary

NSS could be made to crash or run programs if it received specially crafted input.

Details

It was discovered that NSS incorrectly handled certain memory operations. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code.

References

https://usn.ubuntu.com/4203-1

http://people.canonical.com/~ubuntu-security/cve/CVE-2019-11745

Update

A general update will usually fix all issues, but to make sure, you can check your current version with:

$ dpkg -l libnss3

If the current version you have is before 2:3.28.4-0ubuntu0.16.04.8, run the following:

$ sudo apt-get update
$ sudo apt-get install libnss3

Copyright © 2010-2015, OSNEXUS Corporation. All rights reserved.