MiracleLinux 8 : opensc-0.20.0-7.el8_9 (AXSA:2024-7353:02)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7353:02 advisory. OpenSC: Potential PIN bypass when card tracks its own login state CVE-2023-40660 OpenSC: multiple memory issues with pkcs15-init enrollment tool...

Opensc: multiple memory issues with pkcs15-init (enrollment tool)

...

Medium: opensc

Issue Overview: Potential PIN bypass. When the token/card was plugged into the computer and authenticated from one process, it could be used to provide cryptographic operations from different process when the empty, zero-length PIN and the token can track the login status using some of its...