Описание
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. The problem is missing initialization of variables expected to be initialized (as arguments to other functions, etc.).
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| opensc | fixed | 0.25.1-2.1 | package | |
| opensc | fixed | 0.23.0-0.3+deb12u2 | bookworm | package |
Примечания
https://bugzilla.redhat.com/show_bug.cgi?id=2309285
https://github.com/OpenSC/OpenSC/wiki/CVE-2024-45615
https://github.com/OpenSC/OpenSC/security/advisories/GHSA-p3mx-7472-h3j8
EPSS
Связанные уязвимости
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. The problem is missing initialization of variables expected to be initialized (as arguments to other functions, etc.).
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. The problem is missing initialization of variables expected to be initialized (as arguments to other functions, etc.).
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. The problem is missing initialization of variables expected to be initialized (as arguments to other functions, etc.).
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed.
Уязвимость утилиты персонализации смарт-карт pkcs15-init и библиотеки libopensc набора программных инструментов и библиотек для работы со смарт-картами OpenSC, позволяющая нарушителю оказать воздействие на конфиденциальность и целостность защищаемой информации
EPSS