Wind River Support Network

HomeDefectsLIN9-7328
Fixed

LIN9-7328 : Security Advisory - nss - CVE-2016-8635

Created: Aug 15, 2018    Updated: Dec 3, 2018
Resolved Date: Aug 23, 2018
Found In Version: 9.0.0.17
Fix Version: 9.0.0.18
Severity: Standard
Applicable for: Wind River Linux 9
Component/s: Userspace

Description

It was found that Diffie Hellman Client key exchange handling in NSS 3.21.x was vulnerable to small subgroup confinement attack. An attacker could use this flaw to recover private keys by confining the client DH key to small subgroup of the desired group.

https://nvd.nist.gov/vuln/detail/CVE-2016-8635

Other Downloads


CVEs


Live chat
Online