Ubuthathaka obubalulekileyo (CVE-2021-43527) ichongiwe kwi-NSS (IiNkonzo zoKhuseleko lweNethiwekhi) iseti yamathala eencwadi efihlo aphuhliswe yiMozilla, enokukhokelela ekwenziweni kwekhowudi yomhlaseli xa kusetyenzwa iDSA okanye iRSA-PSS yesiginitsha yedijithali ekhankanyiweyo kusetyenziswa DER indlela yokufaka iikhowudi (iMithetho yoFakelo lweKhowudi Eyohlukileyo). Umba, obizwa ngokuba yi-BigSig, usonjululwe kwi-NSS 3.73 kunye ne-NSS ESR 3.68.1. Uhlaziyo lwePakeji kunikezelo luyafumaneka kwiDebian, RHEL, Ubuntu, SUSE, Arch Linux, Gentoo, FreeBSD. Akukho zihlaziyo zikhoyo zeFedora okwangoku.
Ingxaki yenzeka kwizicelo ezisebenzisa i-NSS ukuphatha i-CMS, i-S/MIME, i-PKCS #7 kunye ne-PKCS #12 yesiginitsha yedijithali, okanye xa kungqinwa izatifikethi kwi-TLS, X.509, OCSP kunye ne-CRL ukuphunyezwa. Ubuthathaka bunokuvela kwiinkqubo ezahlukeneyo zabaxhasi kunye neseva ezixhasa i-TLS, i-DTLS kunye ne-S/MIME, abathengi be-imeyile kunye nabajongi be-PDF abasebenzisa i-NSS CERT_VerifyCertificate() umnxeba wokuqinisekisa utyikityo lwedijithali.
I-LibreOffice, i-Evolution kunye ne-Evince zikhankanywe njengemizekelo yezicelo ezisengozini. Ngokunokwenzeka, ingxaki inokuchaphazela iiprojekthi ezinjengePidgin, iApache OpenOffice, iSuricata, iCurl, iChrony, iRed Hat Directory Server, iRed Hat Certificate System, mod_nss yeApache iseva ye-http, i-Oracle yoNxibelelwano lweMiyalezo ye-Oracle, i-Oracle Directory Server Enterprise Edition. Nangona kunjalo, ukuba sesichengeni akubonakali kwiFirefox, iThunderbird kunye neTor Browser, esebenzisa ithala leencwadi elahlukileyo lemozilla ::pkix, ekwaqukwe kwi-NSS, ukwenzela ukuqinisekiswa. Iziphequluli ezisekelwe kwi-Chromium (ngaphandle kokuba zakhiwe ngokukodwa nge-NSS), ezazisebenzisa i-NSS kude kube yi-2015, kodwa zitshintshele kwi-BoringSSL, nazo azichatshazelwa yingxaki.
Ukuba sesichengeni kubangelwa yimpazamo kwikhowudi yoqinisekiso lwesatifikethi kwi vfy_CreateContext umsebenzi osuka kwifayile ye secvfy.c. Impazamo yenzeka xa umxhasi efunda isatifikethi kumncedisi naxa umncedisi eqhuba izatifikethi zomxhasi. Xa kuqinisekiswa i-DER-encoded digital signature, NSS decodes decoded signature into fixed-size buffer kwaye igqithise isithinteli kwimodyuli yePKCS #11. Ngexesha lokuqhubela phambili, ubungakanani bukhangelwa ngokungalunganga kwi-DSA kunye ne-RSA-PSS signatures, ekhokelela ekuphuphumeni kwe-buffer eyabelwe i-VFYContextStr isakhiwo ukuba ubungakanani besiginitsha yedijithali idlula i-16384 bits (2048 bytes yabelwe isithinteli, kodwa ayikhangelwa ukuba utyikityo lunokuba lukhulu) ).
Ikhowudi equlethe ubuthathaka inokulandelelwa emva ko-2003, kodwa ayizange ibe sisoyikiso de kube yinto enokwenziwa ngokutsha ngo-2012. Kwi-2017, iphutha elifanayo lenziwe xa kuphunyezwa inkxaso ye-RSA-PSS. Ukwenza uhlaselo, ukuveliswa kwemithombo yobutyebi yezitshixo ezithile akufuneki ukufumana idatha efunekayo, ekubeni ukuphuphuma kwenzeka kwinqanaba ngaphambi kokujonga ukuchaneka kwesiginesha yedijithali. Inxalenye yedatha ehamba ngaphaya kwemida ibhaliwe kwindawo yememori equkethe izikhombisi kwimisebenzi, eyenza lula ukudalwa kwemisebenzi yokusebenza.
Ubuthathaka bufunyenwe ngabaphandi abasuka kwiProjekthi kaGoogle enguZero ngelixa belinga iindlela ezintsha zovavanyo kwaye luphawu olulungileyo lwendlela ubuthathaka obuncinci bunokuhamba bungabonakali ixesha elide kwiprojekthi eyaziwayo evavanywe ngokubanzi:
- Ikhowudi ye-NSS igcinwa liqela lokhuseleko elinamava usebenzisa uvavanyo lwangoku kunye neendlela zokuhlalutya iimpazamo. Kukho iinkqubo ezininzi ezikhoyo zokuhlawula imbuyekezo ebalulekileyo yokuchonga ubuthathaka kwi-NSS.
- I-NSS yayiyenye yeeprojekthi zokuqala ukujoyina ilinge le-oss-fuzz likaGoogle kwaye yavavanywa kwakhona kwinkqubo yovavanyo ye-fuzzer esekwe kwi-libFuzzer.
- Ikhowudi yethala leencwadi iye yajongwa amaxesha amaninzi kubahlalutyi abamileyo abahlukeneyo, kubandakanywa ukujongwa yinkonzo ye-Coverity ukususela ngo-2008.
- Kuze kube yi-2015, i-NSS isetyenziswe kwi-Google Chrome kwaye yaqinisekiswa ngokuzimeleyo liqela leGoogle ngokuzimeleyo kwi-Mozilla (ukususela kwi-2015, i-Chrome yatshintshela kwi-BoringSSL, kodwa inkxaso ye-NSS-based port ihleli).
Ezona ngxaki ziphambili ngenxa yokuba ingxaki yahlala ingabonwa ixesha elide:
- Ithala leencwadi lemodyuli ye-NSS kunye novavanyo lwe-fuzzing aluqhutywanga lulonke, kodwa kwinqanaba lamacandelo ngamanye. Umzekelo, ikhowudi ye-decoding DER kunye nezatifikethi zokucubungula zatshekishwa ngokwahlukeneyo - ngexesha lokuxubha, isatifikethi sasinokufunyanwa esasiza kukhokelela ekubonakalisweni kobuthathaka obuchaphazelekayo, kodwa ukukhangela kwayo akuzange kufike kwikhowudi yokuqinisekisa kwaye ingxaki ayizange ifike. zityhile.
- Ngexesha lovavanyo lwe-fuzzing, izithintelo ezingqongqo zabekwa kubungakanani bemveliso (i-10000 bytes) ngokungabikho kwezithintelo ezifanayo kwi-NSS (izakhiwo ezininzi kwimowudi eqhelekileyo zinokuba nobukhulu obungaphezu kwe-10000 bytes, ngoko ke idatha yokufaka ngakumbi yayifuneka ukuchonga iingxaki) . Ukuqinisekisa ngokupheleleyo, umda kufuneka ube yi-224-1 bytes (16 MB), ehambelana nobukhulu besatifikethi esivunyelwe kwi-TLS.
- Ukungaqondi kakuhle malunga nekhowudi yokuvavanya i-fuzz. Ikhowudi esemngciphekweni yavavanywa ngokusebenzayo, kodwa isebenzisa iifuzzers ezingakwaziyo ukuvelisa idatha yegalelo eliyimfuneko. Umzekelo, i-fuzzer tls_server_target isebenzise iseti esele ichaziwe yezatifikethi esele zenziwe, ezithintele ukukhangela ikhowudi yoqinisekiso lwesatifikethi kwimiyalezo ye-TLS kuphela kunye notshintsho lwesimo somthetho.
umthombo: opennet.ru