Количество 12
Количество 12
BDU:2025-04907
Уязвимость функции cardos_have_verifyrc_package набора программных инструментов и библиотек для работы со смарт-картами OpenSC, позволяющая нарушителю вызвать отказ в обслуживании
CVE-2023-2977
A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package. The attacker can supply a smart card package with malformed ASN1 context. The cardos_have_verifyrc_package function scans the ASN1 buffer for 2 tags, where remaining length is wrongly caculated due to moved starting pointer. This leads to possible heap-based buffer oob read. In cases where ASAN is enabled while compiling this causes a crash. Further info leak or more damage is possible.
CVE-2023-2977
A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package. The attacker can supply a smart card package with malformed ASN1 context. The cardos_have_verifyrc_package function scans the ASN1 buffer for 2 tags, where remaining length is wrongly caculated due to moved starting pointer. This leads to possible heap-based buffer oob read. In cases where ASAN is enabled while compiling this causes a crash. Further info leak or more damage is possible.
CVE-2023-2977
A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package. The attacker can supply a smart card package with malformed ASN1 context. The cardos_have_verifyrc_package function scans the ASN1 buffer for 2 tags, where remaining length is wrongly caculated due to moved starting pointer. This leads to possible heap-based buffer oob read. In cases where ASAN is enabled while compiling this causes a crash. Further info leak or more damage is possible.
CVE-2023-2977
CVE-2023-2977
A vulnerbility was found in OpenSC. This security flaw cause a buffer ...
SUSE-SU-2023:2516-1
Security update for opensc
SUSE-SU-2023:2508-1
Security update for opensc
SUSE-SU-2023:2466-1
Security update for opensc
GHSA-p22r-5f28-437x
A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package. The attacker can supply a smart card package with malformed ASN1 context. The cardos_have_verifyrc_package function scans the ASN1 buffer for 2 tags, where remaining length is wrongly caculated due to moved starting pointer. This leads to possible heap-based buffer oob read. In cases where ASAN is enabled while compiling this causes a crash. Further info leak or more damage is possible.
ELSA-2023-7160
ELSA-2023-7160: opensc security and bug fix update (LOW)
ELSA-2023-6587
ELSA-2023-6587: opensc security update (LOW)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2025-04907 Уязвимость функции cardos_have_verifyrc_package набора программных инструментов и библиотек для работы со смарт-картами OpenSC, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 7.1 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-2977 A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package. The attacker can supply a smart card package with malformed ASN1 context. The cardos_have_verifyrc_package function scans the ASN1 buffer for 2 tags, where remaining length is wrongly caculated due to moved starting pointer. This leads to possible heap-based buffer oob read. In cases where ASAN is enabled while compiling this causes a crash. Further info leak or more damage is possible. | CVSS3: 7.1 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-2977 A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package. The attacker can supply a smart card package with malformed ASN1 context. The cardos_have_verifyrc_package function scans the ASN1 buffer for 2 tags, where remaining length is wrongly caculated due to moved starting pointer. This leads to possible heap-based buffer oob read. In cases where ASAN is enabled while compiling this causes a crash. Further info leak or more damage is possible. | CVSS3: 6.3 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-2977 A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package. The attacker can supply a smart card package with malformed ASN1 context. The cardos_have_verifyrc_package function scans the ASN1 buffer for 2 tags, where remaining length is wrongly caculated due to moved starting pointer. This leads to possible heap-based buffer oob read. In cases where ASAN is enabled while compiling this causes a crash. Further info leak or more damage is possible. | CVSS3: 7.1 | 0% Низкий | больше 2 лет назад |
 | CVSS3: 7.1 | 0% Низкий | около 2 лет назад | |
| CVE-2023-2977 A vulnerbility was found in OpenSC. This security flaw cause a buffer ... | CVSS3: 7.1 | 0% Низкий | больше 2 лет назад |
 | SUSE-SU-2023:2516-1 Security update for opensc | 0% Низкий | около 2 лет назад | |
| SUSE-SU-2023:2508-1 Security update for opensc | 0% Низкий | около 2 лет назад | |
| SUSE-SU-2023:2466-1 Security update for opensc | 0% Низкий | около 2 лет назад | |
| GHSA-p22r-5f28-437x A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package. The attacker can supply a smart card package with malformed ASN1 context. The cardos_have_verifyrc_package function scans the ASN1 buffer for 2 tags, where remaining length is wrongly caculated due to moved starting pointer. This leads to possible heap-based buffer oob read. In cases where ASAN is enabled while compiling this causes a crash. Further info leak or more damage is possible. | CVSS3: 7.1 | 0% Низкий | больше 2 лет назад |
| ELSA-2023-7160 ELSA-2023-7160: opensc security and bug fix update (LOW) | почти 2 года назад | ||
| ELSA-2023-6587 ELSA-2023-6587: opensc security update (LOW) | почти 2 года назад |
Уязвимостей на страницу