CVE-2016-1938

The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, improperly divides numbers, which might make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging use of the (1) mp_div or (2) mp_exptmod function.

• CWE-310

• http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.htmlThird Party Advisory
• http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.htmlThird Party Advisory
• http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html
• http://www.debian.org/security/2016/dsa-3688
• http://www.mozilla.org/security/announce/2016/mfsa2016-07.htmlVendor Advisory
• http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.htmlThird Party Advisory
• http://www.securityfocus.com/bid/81955
• http://www.securityfocus.com/bid/91787Third Party Advisory, VDB Entry
• http://www.securitytracker.com/id/1034825
• http://www.ubuntu.com/usn/USN-2880-1
• http://www.ubuntu.com/usn/USN-2880-2
• http://www.ubuntu.com/usn/USN-2903-1
• http://www.ubuntu.com/usn/USN-2903-2
• http://www.ubuntu.com/usn/USN-2973-1
• https://blog.fuzzing-project.org/37-Mozilla-NSS-Wrong-calculation-results-in-mp_div-and-mp_exptmod.html
• https://bugzilla.mozilla.org/show_bug.cgi?id=1190248Issue Tracking
• https://bugzilla.mozilla.org/show_bug.cgi?id=1194947Issue Tracking
• https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21_release_notesVendor Advisory
• https://github.com/hannob/bignum-fuzz/blob/master/CVE-2016-1938-nss-mp_div.c
• https://github.com/hannob/bignum-fuzz/blob/master/CVE-2016-1938-nss-mp_exptmod.c
• https://hg.mozilla.org/projects/nss/diff/a555bf0fc23a/lib/freebl/mpi/mpi.c
• https://security.gentoo.org/glsa/201605-06
• https://security.gentoo.org/glsa/201701-46
• http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.htmlThird Party Advisory
• http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.htmlThird Party Advisory
• http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html
• http://www.debian.org/security/2016/dsa-3688
• http://www.mozilla.org/security/announce/2016/mfsa2016-07.htmlVendor Advisory
• http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.htmlThird Party Advisory
• http://www.securityfocus.com/bid/81955
• http://www.securityfocus.com/bid/91787Third Party Advisory, VDB Entry
• http://www.securitytracker.com/id/1034825
• http://www.ubuntu.com/usn/USN-2880-1
• http://www.ubuntu.com/usn/USN-2880-2
• http://www.ubuntu.com/usn/USN-2903-1
• http://www.ubuntu.com/usn/USN-2903-2
• http://www.ubuntu.com/usn/USN-2973-1
• https://blog.fuzzing-project.org/37-Mozilla-NSS-Wrong-calculation-results-in-mp_div-and-mp_exptmod.html
• https://bugzilla.mozilla.org/show_bug.cgi?id=1190248Issue Tracking
• https://bugzilla.mozilla.org/show_bug.cgi?id=1194947Issue Tracking
• https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21_release_notesVendor Advisory
• https://github.com/hannob/bignum-fuzz/blob/master/CVE-2016-1938-nss-mp_div.c
• https://github.com/hannob/bignum-fuzz/blob/master/CVE-2016-1938-nss-mp_exptmod.c
• https://hg.mozilla.org/projects/nss/diff/a555bf0fc23a/lib/freebl/mpi/mpi.c
• https://security.gentoo.org/glsa/201605-06
• https://security.gentoo.org/glsa/201701-46

Published

Jan 31, 2016

Last Modified

Jun 17, 2026

Status

Modified