CVE-2019-17023 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2019-17023 Interim 1 18 2025-05-01T00:56:23Z current 2021-05-30T14:32:11Z 2025-05-01T00:56:23Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2019-17023 After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored. This vulnerability affects Firefox < 72. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3HI2RC7AJAHY74Q6MK7GNGWU6TITB22V/ E-Mail link for openSUSE-SU-2024:14572-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE CaaS Platform 4.0 SUSE Enterprise Storage 6 SUSE Liberty Linux 7 SUSE Liberty Linux 8 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS SUSE Linux Enterprise Server 15 SP1-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP1 openSUSE Tumbleweed MozillaFirefox MozillaFirefox-92.0-1.2 MozillaFirefox-branding-upstream-92.0-1.2 MozillaFirefox-devel MozillaFirefox-devel-92.0-1.2 MozillaFirefox-translations-common MozillaFirefox-translations-common-92.0-1.2 MozillaFirefox-translations-other MozillaFirefox-translations-other-92.0-1.2 firefox-esr-128.5.1-1.1 firefox-esr-branding-upstream-128.5.1-1.1 firefox-esr-translations-common-128.5.1-1.1 firefox-esr-translations-other-128.5.1-1.1 nspr-4.25.0-2.el7_9 nspr-4.25.0-2.el8_2 nspr-devel-4.25.0-2.el7_9 nspr-devel-4.25.0-2.el8_2 nss-3.53.1-11.el8_2 nss-3.53.1-3.el7_9 nss-devel-3.53.1-11.el8_2 nss-devel-3.53.1-3.el7_9 nss-pkcs11-devel-3.53.1-3.el7_9 nss-softokn-3.53.1-11.el8_2 nss-softokn-3.53.1-6.el7_9 nss-softokn-devel-3.53.1-11.el8_2 nss-softokn-devel-3.53.1-6.el7_9 nss-softokn-freebl-3.53.1-11.el8_2 nss-softokn-freebl-3.53.1-6.el7_9 nss-softokn-freebl-devel-3.53.1-11.el8_2 nss-softokn-freebl-devel-3.53.1-6.el7_9 nss-sysinit-3.53.1-11.el8_2 nss-sysinit-3.53.1-3.el7_9 nss-tools-3.53.1-11.el8_2 nss-tools-3.53.1-3.el7_9 nss-util-3.53.1-1.el7_9 nss-util-3.53.1-11.el8_2 nss-util-devel-3.53.1-1.el7_9 nss-util-devel-3.53.1-11.el8_2 nspr-4.25.0-2.el7_9 as a component of SUSE Liberty Linux 7 nspr-devel-4.25.0-2.el7_9 as a component of SUSE Liberty Linux 7 nss-3.53.1-3.el7_9 as a component of SUSE Liberty Linux 7 nss-devel-3.53.1-3.el7_9 as a component of SUSE Liberty Linux 7 nss-pkcs11-devel-3.53.1-3.el7_9 as a component of SUSE Liberty Linux 7 nss-softokn-3.53.1-6.el7_9 as a component of SUSE Liberty Linux 7 nss-softokn-devel-3.53.1-6.el7_9 as a component of SUSE Liberty Linux 7 nss-softokn-freebl-3.53.1-6.el7_9 as a component of SUSE Liberty Linux 7 nss-softokn-freebl-devel-3.53.1-6.el7_9 as a component of SUSE Liberty Linux 7 nss-sysinit-3.53.1-3.el7_9 as a component of SUSE Liberty Linux 7 nss-tools-3.53.1-3.el7_9 as a component of SUSE Liberty Linux 7 nss-util-3.53.1-1.el7_9 as a component of SUSE Liberty Linux 7 nss-util-devel-3.53.1-1.el7_9 as a component of SUSE Liberty Linux 7 nspr-4.25.0-2.el8_2 as a component of SUSE Liberty Linux 8 nspr-devel-4.25.0-2.el8_2 as a component of SUSE Liberty Linux 8 nss-3.53.1-11.el8_2 as a component of SUSE Liberty Linux 8 nss-devel-3.53.1-11.el8_2 as a component of SUSE Liberty Linux 8 nss-softokn-3.53.1-11.el8_2 as a component of SUSE Liberty Linux 8 nss-softokn-devel-3.53.1-11.el8_2 as a component of SUSE Liberty Linux 8 nss-softokn-freebl-3.53.1-11.el8_2 as a component of SUSE Liberty Linux 8 nss-softokn-freebl-devel-3.53.1-11.el8_2 as a component of SUSE Liberty Linux 8 nss-sysinit-3.53.1-11.el8_2 as a component of SUSE Liberty Linux 8 nss-tools-3.53.1-11.el8_2 as a component of SUSE Liberty Linux 8 nss-util-3.53.1-11.el8_2 as a component of SUSE Liberty Linux 8 nss-util-devel-3.53.1-11.el8_2 as a component of SUSE Liberty Linux 8 MozillaFirefox-92.0-1.2 as a component of openSUSE Tumbleweed MozillaFirefox-branding-upstream-92.0-1.2 as a component of openSUSE Tumbleweed MozillaFirefox-devel-92.0-1.2 as a component of openSUSE Tumbleweed MozillaFirefox-translations-common-92.0-1.2 as a component of openSUSE Tumbleweed MozillaFirefox-translations-other-92.0-1.2 as a component of openSUSE Tumbleweed firefox-esr-128.5.1-1.1 as a component of openSUSE Tumbleweed firefox-esr-branding-upstream-128.5.1-1.1 as a component of openSUSE Tumbleweed firefox-esr-translations-common-128.5.1-1.1 as a component of openSUSE Tumbleweed firefox-esr-translations-other-128.5.1-1.1 as a component of openSUSE Tumbleweed MozillaFirefox as a component of SUSE CaaS Platform 4.0 MozillaFirefox-devel as a component of SUSE CaaS Platform 4.0 MozillaFirefox-translations-common as a component of SUSE CaaS Platform 4.0 MozillaFirefox-translations-other as a component of SUSE CaaS Platform 4.0 MozillaFirefox as a component of SUSE Enterprise Storage 6 MozillaFirefox as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS MozillaFirefox-devel as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS MozillaFirefox-translations-common as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS MozillaFirefox-translations-other as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS MozillaFirefox as a component of SUSE Linux Enterprise Server 15 SP1-LTSS MozillaFirefox-devel as a component of SUSE Linux Enterprise Server 15 SP1-LTSS MozillaFirefox-translations-common as a component of SUSE Linux Enterprise Server 15 SP1-LTSS MozillaFirefox-translations-other as a component of SUSE Linux Enterprise Server 15 SP1-LTSS MozillaFirefox as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP1 MozillaFirefox-devel as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP1 MozillaFirefox-translations-common as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP1 MozillaFirefox-translations-other as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP1 After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored. This vulnerability affects Firefox < 72. CVE-2019-17023 SUSE Liberty Linux 7:nspr-4.25.0-2.el7_9 SUSE Liberty Linux 7:nspr-devel-4.25.0-2.el7_9 SUSE Liberty Linux 7:nss-3.53.1-3.el7_9 SUSE Liberty Linux 7:nss-devel-3.53.1-3.el7_9 SUSE Liberty Linux 7:nss-pkcs11-devel-3.53.1-3.el7_9 SUSE Liberty Linux 7:nss-softokn-3.53.1-6.el7_9 SUSE Liberty Linux 7:nss-softokn-devel-3.53.1-6.el7_9 SUSE Liberty Linux 7:nss-softokn-freebl-3.53.1-6.el7_9 SUSE Liberty Linux 7:nss-softokn-freebl-devel-3.53.1-6.el7_9 SUSE Liberty Linux 7:nss-sysinit-3.53.1-3.el7_9 SUSE Liberty Linux 7:nss-tools-3.53.1-3.el7_9 SUSE Liberty Linux 7:nss-util-3.53.1-1.el7_9 SUSE Liberty Linux 7:nss-util-devel-3.53.1-1.el7_9 SUSE Liberty Linux 8:nspr-4.25.0-2.el8_2 SUSE Liberty Linux 8:nspr-devel-4.25.0-2.el8_2 SUSE Liberty Linux 8:nss-3.53.1-11.el8_2 SUSE Liberty Linux 8:nss-devel-3.53.1-11.el8_2 SUSE Liberty Linux 8:nss-softokn-3.53.1-11.el8_2 SUSE Liberty Linux 8:nss-softokn-devel-3.53.1-11.el8_2 SUSE Liberty Linux 8:nss-softokn-freebl-3.53.1-11.el8_2 SUSE Liberty Linux 8:nss-softokn-freebl-devel-3.53.1-11.el8_2 SUSE Liberty Linux 8:nss-sysinit-3.53.1-11.el8_2 SUSE Liberty Linux 8:nss-tools-3.53.1-11.el8_2 SUSE Liberty Linux 8:nss-util-3.53.1-11.el8_2 SUSE Liberty Linux 8:nss-util-devel-3.53.1-11.el8_2 openSUSE Tumbleweed:MozillaFirefox-92.0-1.2 openSUSE Tumbleweed:MozillaFirefox-branding-upstream-92.0-1.2 openSUSE Tumbleweed:MozillaFirefox-devel-92.0-1.2 openSUSE Tumbleweed:MozillaFirefox-translations-common-92.0-1.2 openSUSE Tumbleweed:MozillaFirefox-translations-other-92.0-1.2 openSUSE Tumbleweed:firefox-esr-128.5.1-1.1 openSUSE Tumbleweed:firefox-esr-branding-upstream-128.5.1-1.1 openSUSE Tumbleweed:firefox-esr-translations-common-128.5.1-1.1 openSUSE Tumbleweed:firefox-esr-translations-other-128.5.1-1.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N