Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-2mjg-798r-mxwh

Опубликовано: 04 сент. 2024
Источник: github
Github: Не прошло ревью
CVSS3: 3.9

Описание

A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed.

A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed.

Ссылки

EPSS

Процентиль: 1%
0.00013
Низкий

3.9 Low

CVSS3

CVE ID

CVE-2024-45616

Дефекты

CWE-457
CWE-908

Связанные уязвимости

ubuntu логотип

CVE-2024-45616

CVSS3: 3.9
ubuntu
10 месяцев назад

A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. The following problems were caused by insufficient control of the response APDU buffer and its length when communicating with the card.

redhat логотип

CVE-2024-45616

CVSS3: 3.9
redhat
10 месяцев назад

A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. The following problems were caused by insufficient control of the response APDU buffer and its length when communicating with the card.

nvd логотип

CVE-2024-45616

CVSS3: 3.9
nvd
10 месяцев назад

A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. The following problems were caused by insufficient control of the response APDU buffer and its length when communicating with the card.

debian логотип

CVE-2024-45616

CVSS3: 3.9
debian
10 месяцев назад

A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, min ...

fstec логотип

BDU:2024-11093

CVSS3: 3.9
fstec
10 месяцев назад

Уязвимость утилиты персонализации смарт-карт pkcs15-init и библиотеки libopensc набора программных инструментов и библиотек для работы со смарт-картами OpenSC, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 1%
0.00013
Низкий

3.9 Low

CVSS3

CVE ID

CVE-2024-45616

Дефекты

CWE-457
CWE-908