RHSA-2019:2237MediumCVSS 7.5
Red Hat Security Advisory: nss, nss-softokn, nss-util, and nspr security, bug fix, and enhancement update
🔗 CVE IDs covered (3)
📋 Description
CVE-2018-0495 — ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries CVE-2018-12404 — nss: Cache side-channel variant of the Bleichenbacher attack CVE-2019-17007 — nss: Handling of Netscape Certificate Sequences in CERT_DecodeCertPackage() may crash with a NULL deref leading to DoS
🔗 References (23)
- selfhttps://access.redhat.com/errata/RHSA-2019:2237
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1144186
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1212132
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1431241
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1444136
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1455288
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1508571
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1508595
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1509045
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1509396
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1510156
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1514041
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1533729
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1538081
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1591163
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1639873
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1657164
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1657913
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1670239
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1712876
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_2237.json