SB2019080819 - Red Hat update for opensc

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2019080819

SB2019080819 - Red Hat update for opensc

Published: August 8, 2019

Security Bulletin ID SB2019080819
Severity
Low
Patch available
YES
Number of vulnerabilities 11
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 11 secuirty vulnerabilities.


1) Buffer overflow (CVE-ID: CVE-2018-16391)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to boundary error when handling responses from a Muscle Card in muscle_list_files in libopensc/card-muscle.c. A remote unauthenticated attacker can supply specially crafted smartcards, trigger memory corruption and cause the application to crash.


2) Buffer overflow (CVE-ID: CVE-2018-16392)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to boundary error when handling responses from a TCOS Card in tcos_select_file in libopensc/card-tcos.c. A remote unauthenticated attacker can supply specially crafted smartcards, trigger memory corruption and cause the application to crash.


3) Buffer overflow (CVE-ID: CVE-2018-16393)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to boundary error when handling responses from a Gemsafe V1 Smartcard in gemsafe_get_cert_len in libopensc/pkcs15-gemsafeV1.c. A remote unauthenticated attacker can supply specially crafted smartcards, trigger memory corruption and cause the application to crash.


4) Buffer overflow (CVE-ID: CVE-2018-16418)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to boundary error when handling string concatenation in util_acl_to_str in tools/util.c. A remote unauthenticated attacker can supply specially crafted smartcards, trigger memory corruption and cause the application to crash.


5) Buffer overflow (CVE-ID: CVE-2018-16419)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to boundary error when handling responses from a Cryptoflex card in read_public_key in tools/cryptoflex-tool.c. A remote unauthenticated attacker can supply specially crafted smartcards, trigger memory corruption and cause the application to crash.


6) Buffer overflow (CVE-ID: CVE-2018-16420)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to boundary error when handling responses from an ePass 2003 Card in decrypt_response in libopensc/card-epass2003.c. A remote unauthenticated attacker can supply specially crafted smartcards, trigger memory corruption and cause the application to crash.


7) Buffer overflow (CVE-ID: CVE-2018-16422)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to single byte buffer overflow when handling responses from an esteid Card in sc_pkcs15emu_esteid_init in libopensc/pkcs15-esteid.c. A remote unauthenticated attacker can supply specially crafted smartcards, trigger memory corruption and cause the application to crash.


8) Double-free error (CVE-ID: CVE-2018-16423)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to double-free error when handling responses from a smartcard in sc_file_set_sec_attr in libopensc/sc.c. A remote unauthenticated attacker can supply specially crafted smartcards, trigger memory corruption and cause the application to crash.


9) Endless recursion (CVE-ID: CVE-2018-16426)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to endless recursion when handling responses from an IAS-ECC card in iasecc_select_file in libopensc/card-iasecc.c. A remote unauthenticated attacker can supply specially crafted smartcards to hang or crash the opensc library using programs.


10) Out-of-bounds read (CVE-ID: CVE-2018-16427)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to out-of-bounds read when handling responses. A remote unauthenticated attacker can supply specially crafted smartcards to crash the opensc library using programs.


11) Buffer overflow (CVE-ID: CVE-2018-16421)

The vulnerability allows a local attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when handling responses from a CAC Card in cac_get_serial_nr_from_CUID in libopensc/card-cac.c. A local attacker can create a specially crafted smartcards, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


Remediation

Install update from vendor's website.

References