CVE-2023-40661

2023-11-0617:15:11

Debian Security Bug Tracker

security-tracker.debian.org

opensc

memory vulnerabilities

card enrollment

pkcs15-init

physical access

usb devices

smart cards

compromise key generation

certificate loading.

CVSS3

6.4

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

AI Score

6.4

Confidence

High

EPSS

Percentile

5.1%

JSON

Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and employ a custom-crafted USB device or smart card to manipulate responses to APDUs. This manipulation can potentially allow
compromise key generation, certificate loading, and other card management operations during enrollment.

OSVersionArchitecturePackageVersionFilename
Debian12allopensc< 0.23.0-0.3+deb12u1opensc_0.23.0-0.3+deb12u1_all.deb
Debian11allopensc<= 0.21.0-1opensc_0.21.0-1_all.deb
Debian999allopensc< 0.23.0-2opensc_0.23.0-2_all.deb
Debian13allopensc< 0.23.0-2opensc_0.23.0-2_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	opensc	< 0.23.0-0.3+deb12u1	opensc_0.23.0-0.3+deb12u1_all.deb
Debian	11	all	opensc	<= 0.21.0-1	opensc_0.21.0-1_all.deb
Debian	999	all	opensc	< 0.23.0-2	opensc_0.23.0-2_all.deb
Debian	13	all	opensc	< 0.23.0-2	opensc_0.23.0-2_all.deb