6.8 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:S/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
9.4%
CentOS Errata and Security Advisory CESA-2010:0533
PC/SC Lite provides a Windows SCard compatible interface for communicating
with smart cards, smart card readers, and other security tokens.
Multiple buffer overflow flaws were discovered in the way the pcscd daemon,
a resource manager that coordinates communications with smart card readers
and smart cards connected to the system, handled client requests. A local
user could create a specially-crafted request that would cause the pcscd
daemon to crash or, possibly, execute arbitrary code. (CVE-2010-0407,
CVE-2009-4901)
Users of pcsc-lite should upgrade to these updated packages, which contain
a backported patch to correct these issues. After installing this update,
the pcscd daemon will be restarted automatically.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2010-July/078945.html
https://lists.centos.org/pipermail/centos-announce/2010-July/078946.html
Affected packages:
pcsc-lite
pcsc-lite-devel
pcsc-lite-doc
pcsc-lite-libs
Upstream details at:
https://access.redhat.com/errata/RHSA-2010:0533
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 5 | i386 | pcsc-lite | < 1.4.4-4.el5_5 | pcsc-lite-1.4.4-4.el5_5.i386.rpm |
CentOS | 5 | i386 | pcsc-lite-devel | < 1.4.4-4.el5_5 | pcsc-lite-devel-1.4.4-4.el5_5.i386.rpm |
CentOS | 5 | i386 | pcsc-lite-doc | < 1.4.4-4.el5_5 | pcsc-lite-doc-1.4.4-4.el5_5.i386.rpm |
CentOS | 5 | i386 | pcsc-lite-libs | < 1.4.4-4.el5_5 | pcsc-lite-libs-1.4.4-4.el5_5.i386.rpm |
CentOS | 5 | x86_64 | pcsc-lite | < 1.4.4-4.el5_5 | pcsc-lite-1.4.4-4.el5_5.x86_64.rpm |
CentOS | 5 | i386 | pcsc-lite-devel | < 1.4.4-4.el5_5 | pcsc-lite-devel-1.4.4-4.el5_5.i386.rpm |
CentOS | 5 | x86_64 | pcsc-lite-devel | < 1.4.4-4.el5_5 | pcsc-lite-devel-1.4.4-4.el5_5.x86_64.rpm |
CentOS | 5 | x86_64 | pcsc-lite-doc | < 1.4.4-4.el5_5 | pcsc-lite-doc-1.4.4-4.el5_5.x86_64.rpm |
CentOS | 5 | i386 | pcsc-lite-libs | < 1.4.4-4.el5_5 | pcsc-lite-libs-1.4.4-4.el5_5.i386.rpm |
CentOS | 5 | x86_64 | pcsc-lite-libs | < 1.4.4-4.el5_5 | pcsc-lite-libs-1.4.4-4.el5_5.x86_64.rpm |