exploitDog

CVE-2016-10109

Опубликовано: 23 фев. 2017

Источник: debian

Описание

Use-after-free vulnerability in pcsc-lite before 1.8.20 allows a remote attackers to cause denial of service (crash) via a command that uses "cardsList" after the handle has been released through the SCardReleaseContext function.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
pcsc-lite	fixed	1.8.20-1		package

Примечания

https://anonscm.debian.org/cgit/pcsclite/PCSC.git/commit/?id=697fe05967af7ea215bcd5d5774be587780c9e22
https://anonscm.debian.org/cgit/pcsclite/PCSC.git/commit/?id=3aaab9d998b5deb16a246cc7517e44144d281d3b
https://www.openwall.com/lists/oss-security/2017/01/03/2

Связанные уязвимости

CVE-2016-10109

CVSS3: 7.5

ubuntu

почти 9 лет назад

Use-after-free vulnerability in pcsc-lite before 1.8.20 allows a remote attackers to cause denial of service (crash) via a command that uses "cardsList" after the handle has been released through the SCardReleaseContext function.

CVE-2016-10109

CVSS3: 5.5

redhat

около 9 лет назад

Use-after-free vulnerability in pcsc-lite before 1.8.20 allows a remote attackers to cause denial of service (crash) via a command that uses "cardsList" after the handle has been released through the SCardReleaseContext function.

CVE-2016-10109

CVSS3: 7.5

nvd

почти 9 лет назад

Use-after-free vulnerability in pcsc-lite before 1.8.20 allows a remote attackers to cause denial of service (crash) via a command that uses "cardsList" after the handle has been released through the SCardReleaseContext function.

openSUSE-SU-2017:0178-1

suse-cvrf

около 9 лет назад

Security update for pcsc-lite

SUSE-SU-2017:0286-1

suse-cvrf

около 9 лет назад

Security update for pcsc-lite