{"id":"USN-3029-1","summary":"nss vulnerability","details":"Tyson Smith and Jed Davis discovered that NSS incorrectly handled memory. A\nremote attacker could use this issue to cause NSS to crash, resulting in a\ndenial of service, or possibly execute arbitrary code.\n\nThis update refreshes the NSS package to version 3.23 which includes\nthe latest CA certificate bundle. As a security improvement, this update\nalso modifies NSS behaviour to reject DH key sizes below 1024 bits,\npreventing a possible downgrade attack.\n","modified":"2026-02-10T04:41:01Z","published":"2016-07-11T16:36:57Z","related":["UBUNTU-CVE-2016-2834"],"upstream":["CVE-2016-2834","UBUNTU-CVE-2016-2834"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-3029-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-2834"}],"affected":[{"package":{"name":"nss","ecosystem":"Ubuntu:14.04:LTS","purl":"pkg:deb/ubuntu/nss@2:3.23-0ubuntu0.14.04.1?arch=source&distro=trusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:3.23-0ubuntu0.14.04.1"}]}],"versions":["2:3.15.1-1ubuntu1","2:3.15.2-1","2:3.15.3-1","2:3.15.3.1-1","2:3.15.3.1-1.1","2:3.15.3.1-1.1ubuntu1","2:3.15.4-1ubuntu3","2:3.15.4-1ubuntu4","2:3.15.4-1ubuntu5","2:3.15.4-1ubuntu6","2:3.15.4-1ubuntu7","2:3.15.4-1ubuntu7.1","2:3.17-0ubuntu0.14.04.1","2:3.17.1-0ubuntu0.14.04.1","2:3.17.1-0ubuntu0.14.04.2","2:3.17.4-0ubuntu0.14.04.1","2:3.19.2-0ubuntu0.14.04.1","2:3.19.2.1-0ubuntu0.14.04.1","2:3.19.2.1-0ubuntu0.14.04.2","2:3.21-0ubuntu0.14.04.1","2:3.21-0ubuntu0.14.04.2"],"ecosystem_specific":{"binaries":[{"binary_name":"libnss3","binary_version":"2:3.23-0ubuntu0.14.04.1"},{"binary_name":"libnss3-1d","binary_version":"2:3.23-0ubuntu0.14.04.1"},{"binary_name":"libnss3-dev","binary_version":"2:3.23-0ubuntu0.14.04.1"},{"binary_name":"libnss3-nssdb","binary_version":"2:3.23-0ubuntu0.14.04.1"},{"binary_name":"libnss3-tools","binary_version":"2:3.23-0ubuntu0.14.04.1"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-3029-1.json","cves_map":{"ecosystem":"Ubuntu:14.04:LTS","cves":[{"severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2016-2834"}]}}},{"package":{"name":"nss","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/nss@2:3.23-0ubuntu0.16.04.1?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2:3.23-0ubuntu0.16.04.1"}]}],"versions":["2:3.19.2-1ubuntu1","2:3.19.2.1-0ubuntu1","2:3.21-1ubuntu2","2:3.21-1ubuntu3","2:3.21-1ubuntu4"],"ecosystem_specific":{"binaries":[{"binary_name":"libnss3","binary_version":"2:3.23-0ubuntu0.16.04.1"},{"binary_name":"libnss3-1d","binary_version":"2:3.23-0ubuntu0.16.04.1"},{"binary_name":"libnss3-dev","binary_version":"2:3.23-0ubuntu0.16.04.1"},{"binary_name":"libnss3-nssdb","binary_version":"2:3.23-0ubuntu0.16.04.1"},{"binary_name":"libnss3-tools","binary_version":"2:3.23-0ubuntu0.16.04.1"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-3029-1.json","cves_map":{"ecosystem":"Ubuntu:16.04:LTS","cves":[{"severity":[{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2016-2834"}]}}}],"schema_version":"1.7.3"}