Mozilla properly fuzzed NSS and still ended up with a simple memory corruption hole

Bug detection king Tavis Ormandy simply made a really big signature with NSS, and bad things happened.
Written by Chris Duckett, Contributor on
Mozilla logo

When it comes to fuzzing, Mozilla has plenty of cred, and has been doing so for some time, and yet, its prized Network Security Services (NSS) library was busted by Google Project Zero's Tavis Ormandy quite easily.

In a blog post well worth your time, entitled This shouldn't have happened, Ormandy found that if NSS was made to create an ASN.1 signature bigger than the maximum 16384 bits it expected, overwriting of memory would occur.

"What happens if you just ... make a signature that's bigger than that? Well, it turns out the answer is memory corruption. Yes, really," Ormandy wrote.

"The untrusted signature is simply copied into this fixed-sized buffer, overwriting adjacent members with arbitrary attacker-controlled data. The bug is simple to reproduce and affects multiple algorithms."

Given the designation CVE-2021-43527, Mozilla said in its advisory that Firefox was not impacted, but the likes of Thunderbird, LibreOffice, Evolution, and Evince were "believed to be impacted".

In Mozilla's defence, Ormandy said it has a world-class security team, and has been leading the way in fuzzing, but thanks to the modular design of NSS, the library did not have end-to-end testing as each part was fuzzed independently. This was compounded by the fuzzers having a limit of 10,000 bytes on input while NSS has no such limit.

"This issue demonstrates that even extremely well-maintained C/C++ can have fatal, trivial mistakes," Ormandy wrote.

The hole has been patched in versions 3.73.0 and 3.68.1 of NSS.

Related Coverage

Editorial standards