OpenSC provides a set of libraries and utilities to work with smart cards. Its main focus is on cards that support cryptographic operations, and facilitate their use in security applications such as authentication, mail encryption and digital signatures. OpenSC implements the standard APIs to smart cards, e.g. PKCS#11 API, Windows’ Smart Card Minidriver and macOS Tokend.
Security Fix(es):
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. The problem is missing initialization of variables expected to be initialized (as arguments to other functions, etc.).(CVE-2024-45615)
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs.
The following problems were caused by insufficient control of the response APDU buffer and its length when communicating with the card.(CVE-2024-45616)
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs.
Insufficient or missing checking of return values of functions leads to unexpected work with variables that have not been initialized.(CVE-2024-45617)
A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs.
Insufficient or missing checking of return values of functions leads to unexpected work with variables that have not been initialized.(CVE-2024-45618)
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed.(CVE-2024-45619)
A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed.(CVE-2024-45620)
A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init
tool may lead to out-of-bound rights, possibly resulting in arbitrary code execution.(CVE-2024-8443)
{ "severity": "Low" }
{ "aarch64": [ "opensc-0.21.0-11.oe2203sp1.aarch64.rpm", "opensc-debuginfo-0.21.0-11.oe2203sp1.aarch64.rpm", "opensc-debugsource-0.21.0-11.oe2203sp1.aarch64.rpm" ], "src": [ "opensc-0.21.0-11.oe2203sp1.src.rpm" ], "x86_64": [ "opensc-0.21.0-11.oe2203sp1.x86_64.rpm", "opensc-debuginfo-0.21.0-11.oe2203sp1.x86_64.rpm", "opensc-debugsource-0.21.0-11.oe2203sp1.x86_64.rpm" ], "noarch": [ "opensc-help-0.21.0-11.oe2203sp1.noarch.rpm" ] }
{ "aarch64": [ "opensc-0.23.0-7.oe2403.aarch64.rpm", "opensc-debuginfo-0.23.0-7.oe2403.aarch64.rpm", "opensc-debugsource-0.23.0-7.oe2403.aarch64.rpm", "opensc-help-0.23.0-7.oe2403.aarch64.rpm" ], "src": [ "opensc-0.23.0-7.oe2403.src.rpm" ], "x86_64": [ "opensc-0.23.0-7.oe2403.x86_64.rpm", "opensc-debuginfo-0.23.0-7.oe2403.x86_64.rpm", "opensc-debugsource-0.23.0-7.oe2403.x86_64.rpm", "opensc-help-0.23.0-7.oe2403.x86_64.rpm" ] }
{ "aarch64": [ "opensc-0.21.0-11.oe2203sp4.aarch64.rpm", "opensc-debuginfo-0.21.0-11.oe2203sp4.aarch64.rpm", "opensc-debugsource-0.21.0-11.oe2203sp4.aarch64.rpm" ], "src": [ "opensc-0.21.0-11.oe2203sp4.src.rpm" ], "x86_64": [ "opensc-0.21.0-11.oe2203sp4.x86_64.rpm", "opensc-debuginfo-0.21.0-11.oe2203sp4.x86_64.rpm", "opensc-debugsource-0.21.0-11.oe2203sp4.x86_64.rpm" ], "noarch": [ "opensc-help-0.21.0-11.oe2203sp4.noarch.rpm" ] }
{ "aarch64": [ "opensc-0.21.0-11.oe2203sp3.aarch64.rpm", "opensc-debuginfo-0.21.0-11.oe2203sp3.aarch64.rpm", "opensc-debugsource-0.21.0-11.oe2203sp3.aarch64.rpm" ], "src": [ "opensc-0.21.0-11.oe2203sp3.src.rpm" ], "x86_64": [ "opensc-0.21.0-11.oe2203sp3.x86_64.rpm", "opensc-debuginfo-0.21.0-11.oe2203sp3.x86_64.rpm", "opensc-debugsource-0.21.0-11.oe2203sp3.x86_64.rpm" ], "noarch": [ "opensc-help-0.21.0-11.oe2203sp3.noarch.rpm" ] }
{ "aarch64": [ "opensc-0.20.0-15.oe2003sp4.aarch64.rpm", "opensc-debuginfo-0.20.0-15.oe2003sp4.aarch64.rpm", "opensc-debugsource-0.20.0-15.oe2003sp4.aarch64.rpm" ], "src": [ "opensc-0.20.0-15.oe2003sp4.src.rpm" ], "x86_64": [ "opensc-0.20.0-15.oe2003sp4.x86_64.rpm", "opensc-debuginfo-0.20.0-15.oe2003sp4.x86_64.rpm", "opensc-debugsource-0.20.0-15.oe2003sp4.x86_64.rpm" ], "noarch": [ "opensc-help-0.20.0-15.oe2003sp4.noarch.rpm" ] }