CVE-2019-15945

CVE-2019-15945 affects OpenSC prior to 0.20.0-rc1, with an out-of-bounds access in libopensc/asn1.c decode_bit_string. Several advisories (Arch Linux, AlmaLinux, Debian LTS, others) map this to a vulnerability class that can enable denial of service via malformed data on a local basis. Affected p...

Buffer Overflows

opensc is vulnerable to buffer overflows. It is due to lack of proper handling of responses from a Muscle Card in musclelistfiles in libopensc/card-muscle.c...

Buffer Overflows

opensc is vulnerable to buffer overflows. It is due to lack of proper handling of responses from a Gemsafe V1 Smartcard in gemsafegetcertlen in libopensc/pkcs15-gemsafeV1.c...

OpenSC < 0.20.0 Memory Leak Vulnerability - Linux

OpenSC is prone to a memory leak vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

CVE-2019-6502

sccontextcreate in ctx.c in libopensc in OpenSC 0.19.0 has a memory leak, as demonstrated by a call from eidenv...

OpenSC Memory Leak Vulnerability

OpenSC is an open source smart card tool and middleware. A security vulnerability exists in the 'sccontextcreate' function in the ctx.c file of libopensc in OpenSC version 0.19.0. An attacker can exploit this vulnerability to cause a denial of service memory leak...

UBUNTU-CVE-2019-6502

sccontextcreate in ctx.c in libopensc in OpenSC 0.19.0 has a memory leak, as demonstrated by a call from eidenv...

Design/Logic Flaw

sccontextcreate in ctx.c in libopensc in OpenSC 0.19.0 has a memory leak, as demonstrated by a call from eidenv...

CVE-2019-6502

sccontextcreate in ctx.c in libopensc in OpenSC 0.19.0 has a memory leak, as demonstrated by a call from eidenv...

CVE-2019-6502

OpenSC/OpenSC library (libopensc) is affected by CVE-2019-6502 due to a memory leak in sc_context_create (ctx.c) on OpenSC 0.19.0. Connected advisories/NIDS report multiple vendors noting a leak in eidenv, with Debian SUSE Mageia all providing fixes by upgrading to newer OpenSC builds (e.g., 0.20...

CVE-2019-6502

sccontextcreate in ctx.c in libopensc in OpenSC 0.19.0 has a memory leak, as demonstrated by a call from eidenv...

CVE-2019-6502

sccontextcreate in ctx.c in libopensc in OpenSC 0.19.0 has a memory leak, as demonstrated by a call from eidenv...

CVE-2019-6502

sccontextcreate in ctx.c in libopensc in OpenSC 0.19.0 has a memory leak, as demonstrated by a call from eidenv...

CVE-2018-16423

A double free when handling responses from a smartcard in scfilesetsecattr in libopensc/sc.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...

CVE-2018-16420

Several buffer overflows when handling responses from an ePass 2003 Card in decryptresponse in libopensc/card-epass2003.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impa...

OpenSC Double Release Vulnerability (CNVD-2019-28620)

OpenSC is an open source smart card tool and middleware. A double-release vulnerability exists in the 'scfilesetsecattr' function of the libopensc/sc.c file in versions of OpenSC prior to 0.19.0-rc1. An attacker could exploit this vulnerability to cause a denial of service application crash with...

CVE-2018-16420

Several buffer overflows when handling responses from an ePass 2003 Card in decryptresponse in libopensc/card-epass2003.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impa...

OpenSC Buffer Overflow Vulnerability (CNVD-2019-07206)

OpenSC is an open source smart card tool and middleware. A buffer overflow vulnerability exists in the 'tcosselectfile' function in the libopensc/card-tcos.c file in versions of OpenSC prior to 0.19.0-rc1. An attacker can exploit this vulnerability to cause a denial of service application crash...

CVE-2018-16420

CVE-2018-16420: OpenSC has buffer overflows in decrypt_response (libopensc/card-epass2003.c) when processing responses from ePass 2003 cards. Affected: OpenSC before 0.19.0-rc1. Exploitation requires crafted smartcards and could cause a denial of service (application crash) or other impact. Remed...

CVE-2018-16423

A double free when handling responses from a smartcard in scfilesetsecattr in libopensc/sc.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...