DEBIAN-CVE-2024-8443

A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...

CVE-2024-8443

A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...

UBUNTU-CVE-2024-8443

A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...

CVE-2024-8443

CVE-2024-8443 is a heap-based buffer overflow in the libopensc OpenPGP driver. A crafted USB device or smart card that replies to APDUs during enrollment via pkcs15-init can trigger out-of-bounds access, potentially allowing arbitrary code execution. Public-affecting reports reference the OpenSC ...

CVE-2024-8443 Libopensc: heap buffer overflow in openpgp driver when generating key

A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...

CVE-2024-8443 Libopensc: heap buffer overflow in openpgp driver when generating key

A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...

CVE-2024-8443

A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...

CVE-2024-8443

A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...

CVE-2024-45620 Libopensc: incorrect handling of the length of buffers or files in pkcs15init

A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accesse...

CVE-2024-45618 Libopensc: uninitialized values after incorrect or missing checking return values of functions in pkcs15init

A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have...

CVE-2024-45618 Libopensc: uninitialized values after incorrect or missing checking return values of functions in pkcs15init

A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have...

CVE-2024-45617 Libopensc: uninitialized values after incorrect or missing checking return values of functions in libopensc

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to...

CVE-2024-45616 Libopensc: uninitialized values after incorrect check or usage of apdu response values in libopensc

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. The following problems were caused by insufficient control of the response AP...

CVE-2024-45616 Libopensc: uninitialized values after incorrect check or usage of apdu response values in libopensc

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. The following problems were caused by insufficient control of the response AP...

Heap-based Buffer Overflow

libopensc.so is vulnerable to Heap-based Buffer Overflow. The vulnerability exists due to the cardoshaveverifyrcpackage function in pkcs15-cardos.c because it scans the ASN1 buffer for 2 tags, but the remaining length can be wrongly calculated due to a moved starting pointer, allowing an attacker...

SUSE CVE-2018-16391

Several buffer overflows when handling responses from a Muscle Card in musclelistfiles in libopensc/card-muscle.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...

SUSE CVE-2018-16422

A single byte buffer overflow when handling responses from an esteid Card in scpkcs15emuesteidinit in libopensc/pkcs15-esteid.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified othe...

SUSE CVE-2019-6502

sccontextcreate in ctx.c in libopensc in OpenSC 0.19.0 has a memory leak, as demonstrated by a call from eidenv...

SUSE CVE-2019-15945

OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Bitstring in decodebitstring in libopensc/asn1.c...

SUSE CVE-2019-15946

OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet string in asn1decodeentry in libopensc/asn1.c...