Source | Text Version

QSN-4203-1: nss vulnerability

November 27, 2019


NSS could be made to crash or run programs if it received specially crafted input.


It was discovered that NSS incorrectly handled certain memory operations. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code.



A general update will usually fix all issues, but to make sure, you can check your current version with:

$ dpkg -l libnss3

If the current version you have is before 2:3.28.4-0ubuntu0.16.04.8, run the following:

$ sudo apt-get update
$ sudo apt-get install libnss3

Copyright © 2010-2015, OSNEXUS Corporation. All rights reserved.