{
  "threat_severity" : "Moderate",
  "public_date" : "2020-06-02T12:00:00Z",
  "bugzilla" : {
    "description" : "nss: Side channel vulnerabilities during RSA key generation",
    "id" : "1826231",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1826231"
  },
  "cvss3" : {
    "cvss3_base_score" : "4.4",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
    "status" : "verified"
  },
  "cwe" : "CWE-327",
  "details" : [ "During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secret primes. *Note:* An unmodified Firefox browser does not generate RSA keys in normal operation and is not affected, but products built on top of it might. This vulnerability affects Firefox < 78.", "A flaw was found in NSS, where it is vulnerable to RSA key generation cache timing side-channel attacks. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. The highest threat to this flaw is to confidentiality." ],
  "statement" : "A timing attack was found in the way NSS generated RSA keys. A man-in-the-middle attacker could use this attack during RSA key generation to recover the private key. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible.",
  "acknowledgement" : "Red Hat would like to thank the Mozilla Project for reporting this issue. Upstream acknowledges Billy Bob Brumley (Network and Information Security Group (NISEC), Cesar Pereida (Network and Information Security Group (NISEC), Nicola Tuveri (Network and Information Security Group (NISEC), and Yuval Yarom (Network and Information Security Group (NISEC) as the original reporters.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2020-09-29T00:00:00Z",
    "advisory" : "RHSA-2020:4076",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "nspr-0:4.25.0-2.el7_9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2020-09-29T00:00:00Z",
    "advisory" : "RHSA-2020:4076",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "nss-0:3.53.1-3.el7_9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2020-09-29T00:00:00Z",
    "advisory" : "RHSA-2020:4076",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "nss-softokn-0:3.53.1-6.el7_9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2020-09-29T00:00:00Z",
    "advisory" : "RHSA-2020:4076",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "nss-util-0:3.53.1-1.el7_9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2020-08-03T00:00:00Z",
    "advisory" : "RHSA-2020:3280",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "nspr-0:4.25.0-2.el8_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2020-08-03T00:00:00Z",
    "advisory" : "RHSA-2020:3280",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "nss-0:3.53.1-11.el8_2"
  }, {
    "product_name" : "Red Hat OpenShift Do",
    "release_date" : "2021-03-22T00:00:00Z",
    "advisory" : "RHSA-2021:0949",
    "cpe" : "cpe:/a:redhat:openshift_do:1.0::el7",
    "package" : "openshiftdo/odo-init-image-rhel7:1.1.3-2"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Out of support scope",
    "package_name" : "nss",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "nss",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Not affected",
    "package_name" : "nss-altfiles",
    "cpe" : "cpe:/a:redhat:openshift:4"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2020-12402\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-12402\nhttps://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.53.1_release_notes" ],
  "name" : "CVE-2020-12402",
  "mitigation" : {
    "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
    "lang" : "en:us"
  },
  "csaw" : false
}