SB2018111003 - OpenSUSE Linux update for opensc

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2018111003

SB2018111003 - OpenSUSE Linux update for opensc

Published: November 10, 2018 Updated: May 15, 2019

Security Bulletin ID SB2018111003
Severity
Low
Patch available
YES
Number of vulnerabilities 10
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 10 secuirty vulnerabilities.


1) Buffer overflow (CVE-ID: CVE-2018-16391)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to boundary error when handling responses from a Muscle Card in muscle_list_files in libopensc/card-muscle.c. A remote unauthenticated attacker can supply specially crafted smartcards, trigger memory corruption and cause the application to crash.


2) Buffer overflow (CVE-ID: CVE-2018-16392)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to boundary error when handling responses from a TCOS Card in tcos_select_file in libopensc/card-tcos.c. A remote unauthenticated attacker can supply specially crafted smartcards, trigger memory corruption and cause the application to crash.


3) Buffer overflow (CVE-ID: CVE-2018-16393)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to boundary error when handling responses from a Gemsafe V1 Smartcard in gemsafe_get_cert_len in libopensc/pkcs15-gemsafeV1.c. A remote unauthenticated attacker can supply specially crafted smartcards, trigger memory corruption and cause the application to crash.


4) Buffer overflow (CVE-ID: CVE-2018-16418)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to boundary error when handling string concatenation in util_acl_to_str in tools/util.c. A remote unauthenticated attacker can supply specially crafted smartcards, trigger memory corruption and cause the application to crash.


5) Buffer overflow (CVE-ID: CVE-2018-16419)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to boundary error when handling responses from a Cryptoflex card in read_public_key in tools/cryptoflex-tool.c. A remote unauthenticated attacker can supply specially crafted smartcards, trigger memory corruption and cause the application to crash.


6) Buffer overflow (CVE-ID: CVE-2018-16420)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to boundary error when handling responses from an ePass 2003 Card in decrypt_response in libopensc/card-epass2003.c. A remote unauthenticated attacker can supply specially crafted smartcards, trigger memory corruption and cause the application to crash.


7) Buffer overflow (CVE-ID: CVE-2018-16422)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to single byte buffer overflow when handling responses from an esteid Card in sc_pkcs15emu_esteid_init in libopensc/pkcs15-esteid.c. A remote unauthenticated attacker can supply specially crafted smartcards, trigger memory corruption and cause the application to crash.


8) Double-free error (CVE-ID: CVE-2018-16423)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to double-free error when handling responses from a smartcard in sc_file_set_sec_attr in libopensc/sc.c. A remote unauthenticated attacker can supply specially crafted smartcards, trigger memory corruption and cause the application to crash.


9) Endless recursion (CVE-ID: CVE-2018-16426)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to endless recursion when handling responses from an IAS-ECC card in iasecc_select_file in libopensc/card-iasecc.c. A remote unauthenticated attacker can supply specially crafted smartcards to hang or crash the opensc library using programs.


10) Out-of-bounds read (CVE-ID: CVE-2018-16427)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to out-of-bounds read when handling responses. A remote unauthenticated attacker can supply specially crafted smartcards to crash the opensc library using programs.


Remediation

Install update from vendor's website.

References