MiracleLinux 8 : opensc-0.20.0-7.el8_9 (AXSA:2024-7353:02)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7353:02 advisory. OpenSC: Potential PIN bypass when card tracks its own login state CVE-2023-40660 OpenSC: multiple memory issues with pkcs15-init enrollment tool...

CVE-2024-45620

A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accesse...

UBUNTU-CVE-2024-45620

A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accesse...

CVE-2024-45620

OpenSC: CVE-2024-45620 affects the pkcs15-init tool. A crafted USB device or smart card may cause the system to process APDUs in a way that partially filled buffers are accessed incorrectly. This is tied to OpenSC buffer handling in pkcs15init. Remediation: upgrade OpenSC to 0.26.1-1 or newer (as...

CVE-2024-45620

A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accesse...

PT-2024-9395 · Opensc +5 · Opensc +5

Name of the Vulnerable Software and Affected Versions: OpenSC pkcs15-init tool affected versions not specified Description: The issue is related to a buffer overflow in the pkcs15-init tool of the OpenSC software suite. An attacker could exploit this by using a specially crafted USB device or sma...