Name | CVE-2016-1938 |
Description | The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, improperly divides numbers, which might make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging use of the (1) mp_div or (2) mp_exptmod function. |
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
References | DLA-427-1, DLA-480-1, DSA-3688-1 |
The table below lists information on source packages.
Source Package | Release | Version | Status |
---|---|---|---|
nss (PTS) | bullseye | 2:3.61-1+deb11u3 | fixed |
bullseye (security) | 2:3.61-1+deb11u4 | fixed | |
bookworm | 2:3.87.1-1 | fixed | |
bookworm (security) | 2:3.87.1-1+deb12u1 | fixed | |
sid, trixie | 2:3.106-1 | fixed |
The information below is based on the following data on fixed versions.
Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
---|---|---|---|---|---|---|
iceweasel | source | squeeze | (not affected) | |||
iceweasel | source | wheezy | (not affected) | |||
iceweasel | source | jessie | (not affected) | |||
iceweasel | source | (unstable) | 44.0-1 | |||
nss | source | squeeze | 3.12.8-1+squeeze14 | DLA-427-1 | ||
nss | source | wheezy | 2:3.14.5-1+deb7u6 | DLA-480-1 | ||
nss | source | jessie | 2:3.26-1+debu8u1 | DSA-3688-1 | ||
nss | source | (unstable) | 2:3.21-1 |
[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 43.x)
[squeeze] - iceweasel <not-affected> (Only affects Firefox 43.x)
Marked as fixed in 44.0-1 which would be the version fixing
the issue while using the bundled nss version. iceweasel for
unstable though used the system library.
https://www.mozilla.org/en-US/security/advisories/mfsa2016-07/
https://hg.mozilla.org/projects/nss/rev/a555bf0fc23a
https://hg.mozilla.org/projects/nss/rev/608645309ab9
https://hg.mozilla.org/projects/nss/rev/cfd0ad4726cb
https://bugzilla.mozilla.org/show_bug.cgi?id=1190248 (not yet public)