53 matches found
CVE-2024-1454
The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...
CVE-2024-1454
CVE-2024-1454 concerns the OpenSC AuthentIC driver: a use-after-free during card enrolment (pkcs15-init) that can enable manipulation of card management operations when an attacker has physical access and can present crafted APDU responses. The issue is limited to the enrolment process and requir...
CVE-2024-1454 Opensc: memory use after free in authentic driver when updating token info
The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...
CVE-2024-1454 Opensc: memory use after free in authentic driver when updating token info
The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...
CVE-2024-1454
The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...
CVE-2024-1454
The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker must have physical access to the computer system and requires a crafted USB device or...
OpenSC: multiple memory issues with pkcs15-init (enrollment tool)
Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and employ a...
Input validation
Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and employ a...
CVE-2023-40661
Summary: CVE-2023-40661 affects the OpenSC project, specifically the enrollment tooling pkcs15-init. The issue consists of multiple memory-related vulnerabilities reported by dynamic analysis during the card enrollment process, where a locally present attacker with physical access could manipulat...
CVE-2021-34193
Stack overflow vulnerability in OpenSC smart card middleware before 0.23 via crafted responses to APDUs...
CVE-2021-34193
Stack overflow vulnerability in OpenSC smart card middleware before 0.23 via crafted responses to APDUs...
CVE-2021-34193
Stack overflow vulnerability in OpenSC smart card middleware before 0.23 via crafted responses to APDUs...
CVE-2021-34193
Stack overflow vulnerability in OpenSC smart card middleware before 0.23 via crafted responses to APDUs...