NewStart CGSL MAIN 6.02 : opensc Multiple Vulnerabilities (NS-SA-2022-0062)

The remote NewStart CGSL host, running version MAIN 6.02, has opensc packages installed that are affected by multiple vulnerabilities: - The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in scoberthurreadfile. CVE-2020-26570 - The gemsafe GPK sma...

AlmaLinux 8 : opensc (ALSA-2021:1600)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2021:1600 advisory. - The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in scoberthurreadfile. CVE-2020-26570 - The gemsafe...

EulerOS 2.0 SP8 : opensc (EulerOS-SA-2021-1158)

According to the versions of the opensc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in scoberthurreadfile.CVE-2020-26570 - The...

Updated opensc packages fix security vulnerabilities

The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in scoberthurreadfile CVE-2020-26570. The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in scpkcs15emugemsafeGPKinit CVE-2020-26571. The TCOS...

CVE-2020-26572

The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in tcosdecipher...

CVE-2020-26572

The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in tcosdecipher...

CVE-2020-26572

OpenSC contains a stack-based buffer overflow in the TCOS smart card driver (tcos_decipher) for versions before 0.21.0-rc1. Upgrading to OpenSC 0.21.0 or later (e.g., 0.21.0-1 or newer) is recommended as the remediation across affected distributions (AL2, Arch, Debian/LTS, etc.).