A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This flaw affects NSS versions before 3.58.
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "binary_version": "2:3.35-2ubuntu2.14", "binary_name": "libnss3" }, { "binary_version": "2:3.35-2ubuntu2.14", "binary_name": "libnss3-dbg" }, { "binary_version": "2:3.35-2ubuntu2.14", "binary_name": "libnss3-dev" }, { "binary_version": "2:3.35-2ubuntu2.14", "binary_name": "libnss3-tools" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "binary_version": "2:3.49.1-1ubuntu1.7", "binary_name": "libnss3" }, { "binary_version": "2:3.49.1-1ubuntu1.7", "binary_name": "libnss3-dbgsym" }, { "binary_version": "2:3.49.1-1ubuntu1.7", "binary_name": "libnss3-dev" }, { "binary_version": "2:3.49.1-1ubuntu1.7", "binary_name": "libnss3-tools" }, { "binary_version": "2:3.49.1-1ubuntu1.7", "binary_name": "libnss3-tools-dbgsym" } ] }