OESA-2022-1664
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1664
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2022-1664.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/OESA-2022-1664
- Upstream
- Published
- 2022-05-20T11:03:48Z
- Modified
- 2025-08-12T05:10:26.213748Z
- Summary
- opensc security update
- Details
-
OpenSC provides a set of libraries and utilities to work with smart cards. Its main focus is on cards that support cryptographic operations, and facilitate their use in security applications such as authentication, mail encryption and digital signatures. OpenSC implements the standard APIs to smart cards, e.g. PKCS#11 API, Windows’ Smart Card Minidriver and macOS Tokend.
Security Fix(es):
A heap double free issue was found in Opensc before version 0.22.0 in scpkcs15free_tokeninfo.(CVE-2021-42778)
A use after return issue was found in Opensc before version 0.22.0 in insert_pin function that could potentially crash programs using the library.(CVE-2021-42780)
Stack buffer overflow issues were found in Opensc before version 0.22.0 in various places that could potentially crash programs using the library.(CVE-2021-42782)
- Database specific
{ "severity": "Medium" }- References
Affected packages
openEuler:22.03-LTS / opensc
Package
- Name
- opensc
- Purl
- pkg:rpm/openEuler/opensc&distro=openEuler-22.03-LTS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed0.21.0-6.oe2203
Ecosystem specific
{
"x86_64": [
"opensc-0.21.0-6.oe2203.x86_64.rpm",
"opensc-debuginfo-0.21.0-6.oe2203.x86_64.rpm",
"opensc-debugsource-0.21.0-6.oe2203.x86_64.rpm"
],
"src": [
"opensc-0.21.0-6.oe2203.src.rpm"
],
"aarch64": [
"opensc-0.21.0-6.oe2203.aarch64.rpm",
"opensc-debuginfo-0.21.0-6.oe2203.aarch64.rpm",
"opensc-debugsource-0.21.0-6.oe2203.aarch64.rpm"
],
"noarch": [
"opensc-help-0.21.0-6.oe2203.noarch.rpm"
]
}