Wind River Support Network

HomeDefectsLIN1022-5632
Fixed

LIN1022-5632 : Security Advisory - nss - CVE-2023-5388

Created: Oct 13, 2023    Updated: Nov 14, 2024
Resolved Date: Oct 8, 2024
Found In Version: 10.22.33.1
Fix Version: 10.22.33.19
Severity: Standard
Applicable for: Wind River Linux LTS 22
Component/s: Userspace

Description

NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.

CVEs

  • Linkedin
  • Facebook
  • Twitter
  • Youtube