6 matches found
CVE-2024-11705
NSCDeriveKey inadvertently assumed that the phKey parameter is always non-NULL. When it was passed as NULL, a segmentation fault SEGV occurred, leading to crashes. This behavior conflicted with the PKCS11 v3.0 specification, which allows phKey to be NULL for certain mechanisms. This vulnerability...
CVE-2024-11705
NSCDeriveKey inadvertently assumed that the phKey parameter is always non-NULL. When it was passed as NULL, a segmentation fault SEGV occurred, leading to crashes. This behavior conflicted with the PKCS11 v3.0 specification, which allows phKey to be NULL for certain mechanisms. This vulnerability...
CVE-2024-11705
NSCDeriveKey inadvertently assumed that the phKey parameter is always non-NULL. When it was passed as NULL, a segmentation fault SEGV occurred, leading to crashes. This behavior conflicted with the PKCS11 v3.0 specification, which allows phKey to be NULL for certain mechanisms. This vulnerability...
CVE-2024-11705
The CVE-2024-11705 issue is due to NSC_DeriveKey assuming phKey is non-NULL; passing NULL leads to a segmentation fault (crash). Affected products reported across sources include Firefox and Thunderbird prior to version 133. The vulnerability description and linked advisories indicate this NULL d...
CVE-2024-11705
NSCDeriveKey inadvertently assumed that the phKey parameter is always non-NULL. When it was passed as NULL, a segmentation fault SEGV occurred, leading to crashes. This behavior conflicted with the PKCS11 v3.0 specification, which allows phKey to be NULL for certain mechanisms. This vulnerability...
CVE-2024-11705
NSCDeriveKey inadvertently assumed that the phKey parameter is always non-NULL. When it was passed as NULL, a segmentation fault SEGV occurred, leading to crashes. This behavior conflicted with the PKCS11 v3.0 specification, which allows phKey to be NULL for certain mechanisms. This vulnerability...