CVE-2023-5388: 
NixOS vulnerability analysis and mitigation

NSS (Network Security Services) was identified to be vulnerable to a timing side-channel attack when performing RSA decryption operations (CVE-2023-5388). The vulnerability was discovered by Hubert Kario from Red Hat and affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9. The issue was publicly disclosed in March 2024 (Mozilla Advisory, Red Hat CVE).

The vulnerability stems from the numerical library used in NSS for RSA cryptography leaking information about whether high order bits of the RSA decryption result are zero. The issue occurs before any padding operations, affecting all padding modes including PKCS#1 v1.5, OAEP, and RSASVP. Both API level calls and TLS server operations are impacted. The vulnerability has been assigned a CVSS v3 Base Score of 6.5 (Moderate) with attack vector being Network, attack complexity Low, and requiring Low privileges (Red Hat CVE).

This timing side-channel attack could potentially allow an attacker to recover private data through a Bleichenbacher or Manger-like attack against all RSA decryption operations. The vulnerability affects the confidentiality of the system, with a High confidentiality impact rating, while having no direct impact on integrity or availability (Red Hat CVE).

The vulnerability has been fixed in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9. Users are advised to upgrade to these versions or later to mitigate the vulnerability. The fix involved addressing the timing side-channel in the RSA decryption implementation (Mozilla Advisory, Mozilla Advisory ESR).