Description
OpenSC before 0.20.0 has a double free in coolkey_free_private_data because coolkey_add_object in libopensc/card-coolkey.c lacks a uniqueness check.
A use-after-free vulnerability was discovered in OpenSC while disconnecting a smart card. A physical attacker can exploit this flaw by inserting and removing a malicious smart card handled by the coolkey driver, which could potentially lead to code execution on the target system, with privileges that depend on the particular configuration and system that uses the OpenSC library.
Mitigation
If the coolkey driver is not necessary for the configuration and system in use, it is possible to disable it by not listing it in the /etc/opensc.conf file. For example:
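One way to check whether this mitigation is in effect on a host, as an added example (not part of the original advisory or of OpenSC): the function below reads an opensc.conf-style file and reports whether the coolkey driver can still be loaded. It assumes a single-line `card_drivers` allowlist, treats the special value `internal` and a missing `card_drivers` line as loading all built-in drivers, and uses constructed sample configurations.

```shell
#!/bin/sh
# Added example: report whether the coolkey driver is still loadable
# according to an opensc.conf-style file.
# Assumptions: card_drivers is a one-line, comma-separated allowlist ending
# in ';'; the last assignment wins; "internal" (also the default when no
# card_drivers line exists) loads every built-in driver, coolkey included.
coolkey_status() {
    conf=$1
    [ -r "$conf" ] || { echo "cannot read $conf" >&2; return 2; }
    # Drop comments, keep the last card_drivers assignment, isolate its value.
    list=$(sed 's/#.*//' "$conf" \
        | grep -E '^[[:space:]]*card_drivers[[:space:]]*=' \
        | tail -n 1 \
        | sed -e 's/^[^=]*=//' -e 's/;.*//')
    if [ -z "$list" ]; then
        echo enabled    # no allowlist: the default driver set applies
        return 0
    fi
    # One driver name per line, whitespace and quotes removed.
    if printf '%s\n' "$list" | tr ',' '\n' | tr -d ' \t"' \
        | grep -qxE 'coolkey|internal'; then
        echo enabled
    else
        echo disabled
    fi
}

# Constructed sample configurations (not taken from any real host).
write_samples() {
    dir=$1
    printf 'app default {\n    card_drivers = cac, cac1, PIV-II, coolkey;\n}\n' \
        > "$dir/with_coolkey.conf"
    printf 'app default {\n    # card_drivers = coolkey;\n    card_drivers = cac, cac1, PIV-II;\n}\n' \
        > "$dir/without_coolkey.conf"
    printf 'app default {\n    debug = 0;\n}\n' > "$dir/unset.conf"
}

# Usage: sh check_coolkey.sh /etc/opensc.conf
if [ "$#" -gt 0 ]; then
    coolkey_status "$1"
fi
```

A result of `enabled` for a file with no `card_drivers` line reflects the assumed default, so confirm it against the OpenSC build actually installed.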
Affected packages
| Platform | Package | State | Advisory | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | opensc | Will not fix | | |
| Red Hat Enterprise Linux 8 | opensc | Fixed | RHSA-2020:4483 | 04.11.2020 |
Additional information
CVSS3: 6.4 Medium
Related vulnerabilities
ELSA-2020-4483: opensc security, bug fix, and enhancement update (MODERATE)