Several buffer overflows when handling responses from a Cryptoflex card in read_public_key in tools/cryptoflex-tool.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | opensc | < 0.19.0~rc1-1 | opensc_0.19.0~rc1-1_all.deb |
Debian | 11 | all | opensc | < 0.19.0~rc1-1 | opensc_0.19.0~rc1-1_all.deb |
Debian | 10 | all | opensc | < 0.19.0~rc1-1 | opensc_0.19.0~rc1-1_all.deb |
Debian | 999 | all | opensc | < 0.19.0~rc1-1 | opensc_0.19.0~rc1-1_all.deb |
Debian | 13 | all | opensc | < 0.19.0~rc1-1 | opensc_0.19.0~rc1-1_all.deb |