Описание
Several buffer overflows when handling responses from a CAC Card in cac_get_serial_nr_from_CUID in libopensc/card-cac.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| cosmic | ignored | end of life |
| devel | not-affected | 0.19.0-1build1 |
| disco | not-affected | 0.19.0-1build1 |
| eoan | not-affected | 0.19.0-1build1 |
| esm-apps/bionic | needed | |
| esm-apps/focal | not-affected | 0.19.0-1build1 |
| esm-apps/jammy | not-affected | 0.19.0-1build1 |
| esm-apps/noble | not-affected | 0.19.0-1build1 |
| esm-apps/xenial | needed |
Показывать по
EPSS
4.6 Medium
CVSS2
6.6 Medium
CVSS3
Связанные уязвимости
Several buffer overflows when handling responses from a CAC Card in cac_get_serial_nr_from_CUID in libopensc/card-cac.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
Several buffer overflows when handling responses from a CAC Card in cac_get_serial_nr_from_CUID in libopensc/card-cac.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
Several buffer overflows when handling responses from a CAC Card in ca ...
Several buffer overflows when handling responses from a CAC Card in cac_get_serial_nr_from_CUID in libopensc/card-cac.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
ELSA-2019-2154: opensc security, bug fix, and enhancement update (MODERATE)
EPSS
4.6 Medium
CVSS2
6.6 Medium
CVSS3