OESA-2023-1678

See a problem?
Please try reporting it to the source first.
Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1678
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2023-1678.json
JSON Data
https://api.test.osv.dev/v1/vulns/OESA-2023-1678
Upstream
Published
2023-09-22T11:06:00Z
Modified
2025-08-12T05:19:46.783943Z
Summary
opensc security update
Details

OpenSC provides a set of libraries and utilities to work with smart cards. Its main focus is on cards that support cryptographic operations, and facilitate their use in security applications such as authentication, mail encryption and digital signatures. OpenSC implements the standard APIs to smart cards, e.g. PKCS#11 API, Windows’ Smart Card Minidriver and macOS Tokend.

Security Fix(es):

A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardoshaveverifyrcpackage. The attacker can supply a smart card package with malformed ASN1 context. The cardoshaveverifyrcpackage function scans the ASN1 buffer for 2 tags, where remaining length is wrongly caculated due to moved starting pointer. This leads to possible heap-based buffer oob read. In cases where ASAN is enabled while compiling this causes a crash. Further info leak or more damage is possible.(CVE-2023-2977)

Database specific 
{
    "severity": "High"
}
References

Affected packages

openEuler:20.03-LTS-SP3 / opensc

Package

Name
opensc
Purl
pkg:rpm/openEuler/opensc&distro=openEuler-20.03-LTS-SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.20.0-11.oe1

Ecosystem specific 

{
    "x86_64": [
        "opensc-debugsource-0.20.0-11.oe1.x86_64.rpm",
        "opensc-debuginfo-0.20.0-11.oe1.x86_64.rpm",
        "opensc-0.20.0-11.oe1.x86_64.rpm"
    ],
    "src": [
        "opensc-0.20.0-11.oe1.src.rpm"
    ],
    "aarch64": [
        "opensc-debugsource-0.20.0-11.oe1.aarch64.rpm",
        "opensc-0.20.0-11.oe1.aarch64.rpm",
        "opensc-debuginfo-0.20.0-11.oe1.aarch64.rpm"
    ],
    "noarch": [
        "opensc-help-0.20.0-11.oe1.noarch.rpm"
    ]
}