Azure Linux 3.0 Security Update: opensc (CVE-2023-5992)

The version of opensc installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5992 advisory. - A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side- channe...

Medium: opensc

Issue Overview: A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data. CVE-2023-5992 Affected Packages: opensc Note: This advisory is applicable to Amazon Linux 2 AL2 Cor...

Amazon Linux 2 : opensc (ALAS-2024-2566)

The version of opensc installed on the remote host is prior to 0.19.0-6. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2566 advisory. A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side- channel resistant. This issu...

SUSE SLES12 Security Update : opensc (SUSE-SU-2024:1625-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:1625-1 advisory. - A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side- channel resistant. This issue may...

Fedora 40 : opensc (2024-3dbc3e8105)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-3dbc3e8105 advisory. New upstream release with security fixes for CVE-2023-5992 and CVE-2024-1454 Tenable has extracted the preceding description block directly from the...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : opensc (SUSE-SU-2024:1402-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1402-1 advisory. - A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-...

Amazon Linux 2023 : opensc (ALAS2023-2024-580)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-580 advisory. A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side- channel resistant. This issue may result in the potential leak of private data...

Medium: opensc

Issue Overview: A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data. CVE-2023-5992 The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages...

Fedora 38 : opensc (2024-b92d44f141)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-b92d44f141 advisory. New upstream release with security fixes for CVE-2023-5992 and CVE-2024-1454 Tenable has extracted the preceding description block directly from the...

Fedora 39 : opensc (2024-6460a03e29)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-6460a03e29 advisory. New upstream release with security fixes for CVE-2023-5992 and CVE-2024-1454 Tenable has extracted the preceding description block directly from the...

AlmaLinux 8 : opensc (ALSA-2024:0967)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:0967 advisory. - A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side- channel resistant. This issue may result in the potential...

Oracle Linux 8 : opensc (ELSA-2024-0967)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-0967 advisory. 0.20.0-8 - Fix CVE-2023-5992: Side-channel leaks while stripping encryption PKCS1.5 padding Tenable has extracted the preceding description block directly from...

RHEL 9 : opensc (RHSA-2024:0966)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:0966 advisory. The OpenSC set of libraries and utilities provides support for working with smart cards. OpenSC focuses on cards that support cryptographic operation...

Oracle Linux 9 : opensc (ELSA-2024-0966)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-0966 advisory. 0.23.0-4 - Fix CVE-2023-5992: Side-channel leaks while stripping encryption PKCS1.5 padding Tenable has extracted the preceding description block directly from...

Design/Logic Flaw

A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data...