PT-2023-6220 · Mozilla · Network Security Services

Hubert Kario · Published 2023-09-13 · Updated 2024-04-11 · CVE-2023-4421

CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Network Security Services (NSS) versions prior to 3.61

Description: The issue lies in the implementation of the PKCS#1 v1.5 standard in the NSS library, which leaked, through a timing side channel, information useful for mounting Bleichenbacher-style attacks. This allowed an attacker to decrypt a previously intercepted PKCS#1 v1.5 ciphertext, or to forge a signature using the victim's key, by sending a large number of attacker-selected ciphertexts. The problem was fixed by implementing the implicit rejection algorithm.

Recommendations: For versions prior to 3.61, update to version 3.61 or later to resolve the issue. As a temporary workaround, consider implementing the implicit rejection algorithm, which returns a deterministic, random-looking message when invalid padding is detected instead of reporting an error. Restrict access to the PKCS#1 v1.5 functionality to minimize the risk of exploitation until the update is applied.
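To make the recommended workaround concrete, the following is an added, self-contained Python illustration of implicit rejection for RSAES-PKCS1-v1_5 decryption. It is not NSS code and not the advisory's own text; it shows the structure of the mitigation next to the pre-fix behaviour. Assumptions made here: a constructed toy 512-bit RSA key (far too small for real use), HMAC-SHA256 as the PRF that derives the synthetic message from the private key and the ciphertext, and rejection sampling to pick the synthetic length. The function names (`decrypt_strict`, `decrypt_implicit_rejection`, `synthetic_message`) are hypothetical. Plain Python cannot be made constant-time, so the branches in `_unpad` demonstrate the algorithm's shape only; a production implementation must perform the padding check and the selection between real and synthetic message without secret-dependent branches or memory accesses.

```python
import hashlib
import hmac
import secrets

def is_probable_prime(n, rounds=32):
    """Miller-Rabin test; sufficient for a throwaway demo key."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def gen_prime(bits):
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand

def gen_key(bits=512, e=65537):
    """Constructed toy RSA key pair (n, e, d) for the demo; real keys are >= 2048 bits."""
    while True:
        p, q = gen_prime(bits // 2), gen_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e != 0:
            return p * q, e, pow(e, -1, phi)

def encrypt_pkcs1_v15(n, e, msg):
    """RSAES-PKCS1-v1_5: EM = 0x00 || 0x02 || PS (non-zero, >= 8 bytes) || 0x00 || M."""
    k = (n.bit_length() + 7) // 8
    if len(msg) > k - 11:
        raise ValueError("message too long for this modulus")
    ps = bytearray()
    while len(ps) < k - 3 - len(msg):
        b = secrets.randbits(8)
        if b != 0:
            ps.append(b)
    em = b"\x00\x02" + bytes(ps) + b"\x00" + msg
    return pow(int.from_bytes(em, "big"), e, n).to_bytes(k, "big")

def _unpad(em):
    """Return M if EM carries valid type-2 padding, else None (branches shown for clarity only)."""
    if em[0] != 0 or em[1] != 2:
        return None
    sep = em.find(b"\x00", 2)          # -1 if absent; must leave >= 8 bytes of PS
    return None if sep < 10 else em[sep + 1:]

def _prf_stream(kdk, label):
    """Deterministic byte stream: HMAC-SHA256(kdk, label || 32-bit counter)."""
    counter = 0
    while True:
        yield from hmac.new(kdk, label + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1

def synthetic_message(d, ciphertext, max_len):
    """Pseudo-random plaintext bound to (private key, ciphertext). The same invalid
    ciphertext always yields the same bytes, so the output carries no padding oracle."""
    key_hash = hashlib.sha256(d.to_bytes((d.bit_length() + 7) // 8, "big")).digest()
    kdk = hmac.new(key_hash, ciphertext, hashlib.sha256).digest()
    mask = (1 << max_len.bit_length()) - 1      # uniform length in [0, max_len]
    lengths = _prf_stream(kdk, b"length")
    while True:
        length = (next(lengths) << 8 | next(lengths)) & mask
        if length <= max_len:
            break
    body = _prf_stream(kdk, b"message")
    return bytes(next(body) for _ in range(length))

def decrypt_strict(n, d, ciphertext):
    """Pre-fix behaviour: report the padding failure. That error path is the oracle."""
    k = (n.bit_length() + 7) // 8
    msg = _unpad(pow(int.from_bytes(ciphertext, "big"), d, n).to_bytes(k, "big"))
    if msg is None:
        raise ValueError("invalid PKCS#1 v1.5 padding")
    return msg

def decrypt_implicit_rejection(n, d, ciphertext):
    """Hardened behaviour: never signal a padding failure; hand back the synthetic
    message instead. It is derived before the check so the work done is the same
    on both paths (the length check is on public data and may error normally)."""
    k = (n.bit_length() + 7) // 8
    if len(ciphertext) != k:
        raise ValueError("ciphertext length must equal the modulus length")
    synthetic = synthetic_message(d, ciphertext, k - 11)
    msg = _unpad(pow(int.from_bytes(ciphertext, "big"), d, n).to_bytes(k, "big"))
    return synthetic if msg is None else msg
```

Usage: `n, e, d = gen_key()`, then `decrypt_implicit_rejection(n, d, encrypt_pkcs1_v15(n, e, b"hello"))` returns `b"hello"`, while any ciphertext whose padding fails returns a stable, random-looking byte string of length at most k - 11 instead of raising. Binding the synthetic message to the ciphertext (rather than drawing fresh randomness) matters: a fresh random reply would let a caller notice that repeating the same ciphertext gives different answers, which is itself an oracle.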

Fix

Side Channel Attack

Related Identifiers

BDU:2023-06929
CVE-2023-4421
DLA-3634-1
USN-6727-1
USN-6727-2

Affected Products

Astra Linux
Linuxmint
Network Security Services
Ubuntu