CLSA-2023-1677783628 nss: Fix of CVE-2022-34480

CVE-2022-34480: nss: fix using of uninitialized pointer in lginit...

Ubuntu: Security Advisory (USN-5872-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5872-1: NSS vulnerabilities

Tavis Ormandy discovered that NSS incorrectly handled an empty pkcs7 sequence. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service. CVE-2022-22747 Ronald Crane discovered that NSS incorrectly handled certain memory operations. A remote attacker...

SUSE CVE-2022-34480

Within the lginit function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. This vulnerability affects Firefox 102...

Ubuntu 16.04 ESM : NSS vulnerabilities (USN-5872-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5872-1 advisory. Tavis Ormandy discovered that NSS incorrectly handled an empty pkcs7 sequence. A remote attacker could possibly use this issue to cause NSS to crash,...

CVE-2022-34480

creationtimestamp| type| source ---|---|--- 2022-12-22 22:27:17+00:00| seen| Telegram/R66Pf5JzEURbuNaxKlK1iO2B49pY4Em6gXZUrvtpphdpYM...

CVE-2022-34480

Within the lginit function, if several allocations succeed but then one fails, an uninitialized pointer would have been freed despite never being allocated. This vulnerability affects Firefox 102...

CVE-2022-34480

Summary: CVE-2022-34480 affects Mozilla Firefox earlier than 102.0. The issue is in the lg_init() routine: when several allocations succeed but one fails, an uninitialized pointer could be freed, even though it was never allocated. This could enable arbitrary code execution or other impacts as de...

SUSE: Security Advisory (SUSE-SU-2022:3273-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-5504-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-5506-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5506-1: NSS vulnerabilities

Tavis Ormandy discovered that NSS incorrectly handled an empty pkcs7 sequence. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.10. CVE-2022-22747 Ronald Crane...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : NSS vulnerabilities (USN-5506-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5506-1 advisory. Tavis Ormandy discovered that NSS incorrectly handled an empty pkcs7 sequence. A remote attacker could possibly use this issue to...