Libopensc: pkcs15init: usage of uninitialized values in libopensc and pkcs15init

...

Libopensc: incorrect handling of the length of buffers or files in pkcs15init

...

Linux Distros Unpatched Vulnerability : CVE-2018-16421

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Several buffer overflows when handling responses from a CAC Card in cacgetserialnrfromCUID in libopensc/card-cac.c in OpenSC before 0.19.0-rc1 could be used by...

Libopensc: incorrect handling length of buffers or files in libopensc

...

Updated opensc packages fix security vulnerabilities

Heap buffer overflow in openpgp driver when generating key. CVE-2024-8443 Usage of uninitialized values in libopensc and pkcs15init. CVE-2024-45615 Uninitialized values after incorrect check or usage of apdu response values in libopensc. CVE-2024-45616 Uninitialized values after incorrect or...

Linux Distros Unpatched Vulnerability : CVE-2024-8443

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs...

Astra Linux – Vulnerability in opensc

A heap-based buffer overflow vulnerability was discovered in the libopensc OpenPGP driver. A specially crafted USB device or smart card, containing malicious responses to APDUs during the card enrollment process using the pkcs15-init tool, may lead to unauthorized access, potentially resulting in...

SUSE-SU-2025:20072-1 Security update for opensc

This update for opensc fixes the following issues: - CVE-2024-8443: Fixed heap buffer overflow in OpenPGP driver when generating key bsc1230364 - CVE-2024-45620: Fixed incorrect handling of the length of buffers or files in pkcs15init bsc1230076 - CVE-2024-45619: Fixed incorrect handling length o...

Low: opensc

Issue Overview: It is caused by the libopensc library in opensc porject. This vulnerability affects how the buffer data is handled and partially filled buffers can be accessed incorrectly when a specially crafted response to APDUs in a USB device or a smart card. CVE-2024-45615 It is caused by th...

Low: opensc

Issue Overview: It is caused by the libopensc library in opensc porject. This vulnerability affects how the buffer data is handled and partially filled buffers can be accessed incorrectly when a specially crafted response to APDUs in a USB device or a smart card. CVE-2024-45615 It is caused by th...

The vulnerability of the pkcs15-init personalization utility and the libopensc library, which are part of the software tools and libraries for working with smart cards in OpenSC, allows a violator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the pkcs15-init personalization utility and the libopensc library related to the OpenSC software suite involves the use of uninitialized variables. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...

The vulnerability of the pkcs15-init personalization utility and the libopensc library, which are part of the software tools and libraries for working with smart cards in OpenSC, allows a violator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the pkcs15-init personalization utility and the libopensc library related to the OpenSC software suite involves the use of uninitialized variables due to incorrect checks on the return values of functions. Exploiting this vulnerability could allow an attacker to compromise th...

Low: opensc

Issue Overview: It is caused by the libopensc library in opensc porject. This vulnerability affects how the buffer data is handled and partially filled buffers can be accessed incorrectly when a specially crafted response to APDUs in a USB device or a smart card. CVE-2024-45615 It is caused by th...

Low: opensc

Issue Overview: It is caused by the libopensc library in opensc porject. This vulnerability affects how the buffer data is handled and partially filled buffers can be accessed incorrectly when a specially crafted response to APDUs in a USB device or a smart card. CVE-2024-45615 It is caused by th...

The vulnerability of the pkcs15-init personalization utility and the libopensc library, which are part of the software tools and libraries for working with smart cards in OpenSC, allows a violator to compromise the confidentiality and integrity of the protected information.

The vulnerability of the pkcs15-init personalization utility and the libopensc library related to the OpenSC software suite involves the use of uninitialized variables. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and integrity of the protected informati...

Amazon Linux 2023 : opensc (ALAS2023-2024-775)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-775 advisory. It is caused by the libopensc library in opensc porject. This vulnerability affects how the buffer data is handled and partially filled buffers can be accessed incorrectly when a specially...

SUSE CVE-2024-8443

A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...

DEBIAN-CVE-2024-8443

A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...

AZL-49059 CVE-2024-8443 affecting package opensc for versions less than 0.26.1-1

A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...

CVE-2024-8443

A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...