Wind River Support Network

HomeDefectsLIN1018-1043
Not to be fixed

LIN1018-1043 : Security Advisory - nss - CVE-2017-11696

Created: May 14, 2018    Updated: Apr 13, 2020
Resolved Date: Apr 13, 2020
Found In Version: unknown
Severity: Standard
Applicable for: Wind River Linux LTS 18
Component/s: Userspace

Description

Note -- there is disagreement about this being a flaw.

Heap-based buffer overflow in the __hash_open function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file.

https://nvd.nist.gov/vuln/detail/CVE-2017-11696
Live chat
Online