Red Hat update for opensc
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 11 |
| CVE-ID | CVE-2018-16391 CVE-2018-16392 CVE-2018-16393 CVE-2018-16418 CVE-2018-16419 CVE-2018-16420 CVE-2018-16422 CVE-2018-16423 CVE-2018-16426 CVE-2018-16427 CVE-2018-16421 |
| CWE-ID | CWE-120 CWE-415 CWE-674 CWE-125 CWE-119 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Red Hat Enterprise Linux for Scientific Computing Operating systems & Components / Operating system Red Hat Enterprise Linux Desktop Operating systems & Components / Operating system Red Hat Enterprise Linux Workstation Operating systems & Components / Operating system Red Hat Enterprise Linux Server Operating systems & Components / Operating system |
| Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains information about 11 vulnerabilities.
1) Buffer overflow
EUVDB-ID: #VU16730
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-16391
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to boundary error when handling responses from a Muscle Card in muscle_list_files in libopensc/card-muscle.c. A remote unauthenticated attacker can supply specially crafted smartcards, trigger memory corruption and cause the application to crash.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux for Scientific Computing: 7
Red Hat Enterprise Linux Desktop: 7
Red Hat Enterprise Linux Workstation: 7
Red Hat Enterprise Linux Server: 7
External linkshttp://access.redhat.com/errata/RHSA-2019:2154
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Buffer overflow
EUVDB-ID: #VU16731
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-16392
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to boundary error when handling responses from a TCOS Card in tcos_select_file in libopensc/card-tcos.c. A remote unauthenticated attacker can supply specially crafted smartcards, trigger memory corruption and cause the application to crash.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux for Scientific Computing: 7
Red Hat Enterprise Linux Desktop: 7
Red Hat Enterprise Linux Workstation: 7
Red Hat Enterprise Linux Server: 7
External linkshttp://access.redhat.com/errata/RHSA-2019:2154
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Buffer overflow
EUVDB-ID: #VU16732
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-16393
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to boundary error when handling responses from a Gemsafe V1 Smartcard in gemsafe_get_cert_len in libopensc/pkcs15-gemsafeV1.c. A remote unauthenticated attacker can supply specially crafted smartcards, trigger memory corruption and cause the application to crash.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux for Scientific Computing: 7
Red Hat Enterprise Linux Desktop: 7
Red Hat Enterprise Linux Workstation: 7
Red Hat Enterprise Linux Server: 7
External linkshttp://access.redhat.com/errata/RHSA-2019:2154
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Buffer overflow
EUVDB-ID: #VU16733
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-16418
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to boundary error when handling string concatenation in util_acl_to_str in tools/util.c. A remote unauthenticated attacker can supply specially crafted smartcards, trigger memory corruption and cause the application to crash.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux for Scientific Computing: 7
Red Hat Enterprise Linux Desktop: 7
Red Hat Enterprise Linux Workstation: 7
Red Hat Enterprise Linux Server: 7
External linkshttp://access.redhat.com/errata/RHSA-2019:2154
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Buffer overflow
EUVDB-ID: #VU16734
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-16419
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to boundary error when handling responses from a Cryptoflex card in read_public_key in tools/cryptoflex-tool.c. A remote unauthenticated attacker can supply specially crafted smartcards, trigger memory corruption and cause the application to crash.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux for Scientific Computing: 7
Red Hat Enterprise Linux Desktop: 7
Red Hat Enterprise Linux Workstation: 7
Red Hat Enterprise Linux Server: 7
External linkshttp://access.redhat.com/errata/RHSA-2019:2154
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Buffer overflow
EUVDB-ID: #VU16735
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-16420
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to boundary error when handling responses from an ePass 2003 Card in decrypt_response in libopensc/card-epass2003.c. A remote unauthenticated attacker can supply specially crafted smartcards, trigger memory corruption and cause the application to crash.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux for Scientific Computing: 7
Red Hat Enterprise Linux Desktop: 7
Red Hat Enterprise Linux Workstation: 7
Red Hat Enterprise Linux Server: 7
External linkshttp://access.redhat.com/errata/RHSA-2019:2154
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Buffer overflow
EUVDB-ID: #VU16736
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-16422
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to single byte buffer overflow when handling responses from an esteid Card in sc_pkcs15emu_esteid_init in libopensc/pkcs15-esteid.c. A remote unauthenticated attacker can supply specially crafted smartcards, trigger memory corruption and cause the application to crash.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux for Scientific Computing: 7
Red Hat Enterprise Linux Desktop: 7
Red Hat Enterprise Linux Workstation: 7
Red Hat Enterprise Linux Server: 7
External linkshttp://access.redhat.com/errata/RHSA-2019:2154
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Double-free error
EUVDB-ID: #VU16737
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-16423
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to double-free error when handling responses from a smartcard in sc_file_set_sec_attr in libopensc/sc.c. A remote unauthenticated attacker can supply specially crafted smartcards, trigger memory corruption and cause the application to crash.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux for Scientific Computing: 7
Red Hat Enterprise Linux Desktop: 7
Red Hat Enterprise Linux Workstation: 7
Red Hat Enterprise Linux Server: 7
External linkshttp://access.redhat.com/errata/RHSA-2019:2154
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Endless recursion
EUVDB-ID: #VU16738
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-16426
CWE-ID:
CWE-674 - Uncontrolled Recursion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to endless recursion when handling responses from an IAS-ECC card in iasecc_select_file in libopensc/card-iasecc.c. A remote unauthenticated attacker can supply specially crafted smartcards to hang or crash the opensc library using programs.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux for Scientific Computing: 7
Red Hat Enterprise Linux Desktop: 7
Red Hat Enterprise Linux Workstation: 7
Red Hat Enterprise Linux Server: 7
External linkshttp://access.redhat.com/errata/RHSA-2019:2154
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Out-of-bounds read
EUVDB-ID: #VU16739
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-16427
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to out-of-bounds read when handling responses. A remote unauthenticated attacker can supply specially crafted smartcards to crash the opensc library using programs.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux for Scientific Computing: 7
Red Hat Enterprise Linux Desktop: 7
Red Hat Enterprise Linux Workstation: 7
Red Hat Enterprise Linux Server: 7
External linkshttp://access.redhat.com/errata/RHSA-2019:2154
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Buffer overflow
EUVDB-ID: #VU20000
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-16421
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when handling responses from a CAC Card in cac_get_serial_nr_from_CUID in libopensc/card-cac.c. A local attacker can create a specially crafted smartcards, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux for Scientific Computing: 7
Red Hat Enterprise Linux Desktop: 7
Red Hat Enterprise Linux Workstation: 7
Red Hat Enterprise Linux Server: 7
External linkshttp://access.redhat.com/errata/RHSA-2019:2154
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
