CVE-2016-1938

NameCVE-2016-1938
DescriptionThe s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, improperly divides numbers, which might make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging use of the (1) mp_div or (2) mp_exptmod function.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-427-1, DLA-480-1, DSA-3688-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
nss (PTS)bullseye2:3.61-1+deb11u3fixed
bullseye (security)2:3.61-1+deb11u4fixed
bookworm2:3.87.1-1fixed
bookworm (security)2:3.87.1-1+deb12u1fixed
sid, trixie2:3.106-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
iceweaselsourcesqueeze(not affected)
iceweaselsourcewheezy(not affected)
iceweaselsourcejessie(not affected)
iceweaselsource(unstable)44.0-1
nsssourcesqueeze3.12.8-1+squeeze14DLA-427-1
nsssourcewheezy2:3.14.5-1+deb7u6DLA-480-1
nsssourcejessie2:3.26-1+debu8u1DSA-3688-1
nsssource(unstable)2:3.21-1

Notes

[jessie] - iceweasel <not-affected> (Only affects Firefox 43.x)
[wheezy] - iceweasel <not-affected> (Only affects Firefox 43.x)
[squeeze] - iceweasel <not-affected> (Only affects Firefox 43.x)
Marked as fixed in 44.0-1 which would be the version fixing
the issue while using the bundled nss version. iceweasel for
unstable though used the system library.
https://www.mozilla.org/en-US/security/advisories/mfsa2016-07/
https://hg.mozilla.org/projects/nss/rev/a555bf0fc23a
https://hg.mozilla.org/projects/nss/rev/608645309ab9
https://hg.mozilla.org/projects/nss/rev/cfd0ad4726cb
https://bugzilla.mozilla.org/show_bug.cgi?id=1190248 (not yet public)

Search for package or bug name: Reporting problems