CLSA-2023-1681328662
See a problem?- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2023-1681328662.json
- JSON Data
- https://api.osv.dev/v1/vulns/CLSA-2023-1681328662
- Upstream
- Published
- 2023-04-12T20:41:25Z
- Modified
- 2026-06-04T09:46:07.390254319Z
- Summary
- Fix CVE(s): CVE-2023-0767
- Details
-
- SECURITY UPDATE: An attacker could construct a PKCS 12 cert bundle in such
a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag
attributes being mishandled
- debian/patches/CVE-2023-0767.patch: improve handling of unknown PKCS#12 safe bag types
- CVE-2023-0767
- SECURITY UPDATE: An attacker could construct a PKCS 12 cert bundle in such
a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag
attributes being mishandled
- References
Affected packages
TuxCare:Ubuntu:16.04 / libnss3
Package
- Name
- libnss3
- Purl
- pkg:deb/tuxcare/libnss3?distro=ubuntu-16.04
TuxCare:Ubuntu:16.04 / libnss3-1d
Package
- Name
- libnss3-1d
- Purl
- pkg:deb/tuxcare/libnss3-1d?distro=ubuntu-16.04
TuxCare:Ubuntu:16.04 / libnss3-dev
Package
- Name
- libnss3-dev
- Purl
- pkg:deb/tuxcare/libnss3-dev?distro=ubuntu-16.04
TuxCare:Ubuntu:16.04 / libnss3-nssdb
Package
- Name
- libnss3-nssdb
- Purl
- pkg:deb/tuxcare/libnss3-nssdb?distro=ubuntu-16.04