SB2023121818 - Red Hat Enterprise Linux 9 update for opensc

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Improper Authorization (CVE-ID: CVE-2023-40660)

The vulnerability allows an attacker to bypass authorization process.

The vulnerability exists due to a logic error in the authorization process. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length pin is passed. An attacker with physical proximity to the system can bypass the OS logon/screen for small permanently connected tokens to computers.

2) Buffer overflow (CVE-ID: CVE-2023-40661)

The vulnerability allows an attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. An attacker with physical access to the system can trigger memory corruption and execute arbitrary code with elevated privileges.

3) Out-of-bounds read (CVE-ID: CVE-2023-4535)

The vulnerability allows an attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the MyEID driver when handling symmetric key encryption. An attacker with physical access to the system can use a specially crafted USB device to trigger an out-of-bounds read error and gain access to potentially sensitive information.

Remediation

Install update from vendor's website.

References

• https://access.redhat.com/errata/RHSA-2023:7879