EulerOS Virtualization 2.9.0 : tpm2-tss (EulerOS-SA-2023-2029)

According to the versions of the tpm2-tss package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - tpm2-tss is an open source software implementation of the Trusted Computing Group TCG Trusted Platform Module TPM 2 Software Sta...

EulerOS Virtualization 2.9.1 : tpm2-tss (EulerOS-SA-2023-2008)

According to the versions of the tpm2-tss package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - tpm2-tss is an open source software implementation of the Trusted Computing Group TCG Trusted Platform Module TPM 2 Software Sta...

USN-6130-1 linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-snapdragon vulnerabilities

Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrar...

CVE-2023-2977

A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardoshaveverifyrcpackage. The attacker can supply a smart card package with malformed ASN1 context. The cardoshaveverifyrcpackage function scans the ASN1 buffer for 2 tags, where remaining lengt...

DEBIAN-CVE-2023-2977

A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardoshaveverifyrcpackage. The attacker can supply a smart card package with malformed ASN1 context. The cardoshaveverifyrcpackage function scans the ASN1 buffer for 2 tags, where remaining lengt...

CVE-2023-2977

A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardoshaveverifyrcpackage. The attacker can supply a smart card package with malformed ASN1 context. The cardoshaveverifyrcpackage function scans the ASN1 buffer for 2 tags, where remaining lengt...

CVE-2023-2977

A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardoshaveverifyrcpackage. The attacker can supply a smart card package with malformed ASN1 context. The cardoshaveverifyrcpackage function scans the ASN1 buffer for 2 tags, where remaining lengt...

CVE-2023-2977

A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardoshaveverifyrcpackage. The attacker can supply a smart card package with malformed ASN1 context. The cardoshaveverifyrcpackage function scans the ASN1 buffer for 2 tags, where remaining lengt...

Heap overflow

A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardoshaveverifyrcpackage. The attacker can supply a smart card package with malformed ASN1 context. The cardoshaveverifyrcpackage function scans the ASN1 buffer for 2 tags, where remaining lengt...

UBUNTU-CVE-2023-2977

A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardoshaveverifyrcpackage. The attacker can supply a smart card package with malformed ASN1 context. The cardoshaveverifyrcpackage function scans the ASN1 buffer for 2 tags, where remaining lengt...

CVE-2023-2977

A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardoshaveverifyrcpackage. The attacker can supply a smart card package with malformed ASN1 context. The cardoshaveverifyrcpackage function scans the ASN1 buffer for 2 tags, where remaining lengt...

Huawei EulerOS: Security Advisory for tpm2-tss (EulerOS-SA-2023-2029)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for tpm2-tss (EulerOS-SA-2023-2008)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-2977

CVE-2023-2977 affects OpenSC pkcs15 code path (cardos_have_verifyrc_package). A malformed ASN.1 context in a smart-card package can trigger a heap-based buffer out-of-bounds read, potentially crashing the process and enabling information leakage when ASAN is enabled during compile. Connected advi...

CVE-2023-2977

A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardoshaveverifyrcpackage. The attacker can supply a smart card package with malformed ASN1 context. The cardoshaveverifyrcpackage function scans the ASN1 buffer for 2 tags, where remaining lengt...

CVE-2023-2977

A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardoshaveverifyrcpackage. The attacker can supply a smart card package with malformed ASN1 context. The cardoshaveverifyrcpackage function scans the ASN1 buffer for 2 tags, where remaining lengt...

CVE-2023-2977

A vulnerability was found in OpenSC. This issue causes a buffer overrun in the pkcs15 cardoshaveverifyrcpackage. This flaw allows an attacker to supply a smart card package with a malformed ASN1 context. The cardoshaveverifyrcpackage function scans the ASN1 buffer for two tags, where the remainin...

PT-2023-22410 · Opensc +7 · Opensc +7

Name of the Vulnerable Software and Affected Versions: OpenSC affected versions not specified Description: A security flaw in OpenSC causes a buffer overrun vulnerability in pkcs15 cardos have verifyrc package. An attacker can supply a smart card package with malformed ASN1 context. The cardos ha...

RIOT RIOT-OS 缓冲区错误漏洞

RIOT RIOT-OS is a set of operating systems used in the Internet of Things IoT space. A security vulnerability exists in RIOT-OS 2023.01 and earlier versions, which stems from a buffer out-of-bounds write and can be exploited by an attacker to conduct a denial-of-service attack...

The vulnerability of the filppd.sys driver, a component of the IoControlCode utility in the Twister Antivirus security tool, allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the filppd.sys driver, a component of the IoControlCode utility in the Twister Antivirus security tool, relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...