Описание
A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have not been initialized.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | opensc | Fix deferred | ||
| Red Hat Enterprise Linux 8 | opensc | Fix deferred | ||
| Red Hat Enterprise Linux 9 | opensc | Fix deferred |
Показывать по
Дополнительная информация
Статус:
EPSS
3.9 Low
CVSS3
Связанные уязвимости
A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have not been initialized.
A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have not been initialized.
A vulnerability was found in pkcs15-init in OpenSC. An attacker could ...
A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed.
Уязвимость утилиты персонализации смарт-карт pkcs15-init набора программных инструментов и библиотек для работы со смарт-картами OpenSC, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
EPSS
3.9 Low
CVSS3