SUSE update for opensc
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 13 |
| CVE-ID | CVE-2019-15945 CVE-2019-15946 CVE-2019-19479 CVE-2019-19481 CVE-2019-20792 CVE-2019-6502 CVE-2020-26570 CVE-2020-26571 CVE-2020-26572 CVE-2021-42779 CVE-2021-42780 CVE-2021-42781 CVE-2021-42782 |
| CWE-ID | CWE-125 CWE-119 CWE-415 CWE-401 CWE-122 CWE-121 CWE-416 CWE-252 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #6 is available. |
| Vulnerable software Subscribe |
SUSE Linux Enterprise Server for SAP Operating systems & Components / Operating system SUSE Linux Enterprise High Performance Computing Operating systems & Components / Operating system SUSE Linux Enterprise Server Operating systems & Components / Operating system opensc-debugsource Operating systems & Components / Operating system package or component opensc-debuginfo Operating systems & Components / Operating system package or component opensc Operating systems & Components / Operating system package or component |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 13 vulnerabilities.
1) Out-of-bounds read
EUVDB-ID: #VU23845
Risk: Low
CVSSv3.1: 2.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-15945
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition when processing ASN.1 Bitstring within the decode_bit_string() function in libopensc/asn1.c. A local user can pass specially crafted data to the application, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected package opensc to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server for SAP: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS
SUSE Linux Enterprise Server: 15-LTSS
opensc-debugsource: before 0.18.0-150000.3.23.1
opensc-debuginfo: before 0.18.0-150000.3.23.1
opensc: before 0.18.0-150000.3.23.1
External linkshttp://www.suse.com/support/update/announcement/2022/suse-su-20221041-1/
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Out-of-bounds read
EUVDB-ID: #VU23844
Risk: Low
CVSSv3.1: 4.5 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-15946
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition when processing ASN.1 Octet string within the asn1_decode_entry() function in libopensc/asn1.c. A local user can supply specially crafted data to the application, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected package opensc to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server for SAP: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS
SUSE Linux Enterprise Server: 15-LTSS
opensc-debugsource: before 0.18.0-150000.3.23.1
opensc-debuginfo: before 0.18.0-150000.3.23.1
opensc: before 0.18.0-150000.3.23.1
External linkshttp://www.suse.com/support/update/announcement/2022/suse-su-20221041-1/
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Out-of-bounds read
EUVDB-ID: #VU23848
Risk: Low
CVSSv3.1: 2.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-19479
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition when parsing SETCOS file attribute in libopensc/card-setcos.c. A local user can pass specially crafted file to the application, trigger out-of-bounds read error and read contents of memory on the system.
MitigationUpdate the affected package opensc to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server for SAP: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS
SUSE Linux Enterprise Server: 15-LTSS
opensc-debugsource: before 0.18.0-150000.3.23.1
opensc-debuginfo: before 0.18.0-150000.3.23.1
opensc: before 0.18.0-150000.3.23.1
External linkshttp://www.suse.com/support/update/announcement/2022/suse-su-20221041-1/
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Buffer overflow
EUVDB-ID: #VU23847
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-19481
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing CAC certificates in libopensc/card-cac1.c. A local user can pass specially crafted certificate to the application, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected package opensc to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server for SAP: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS
SUSE Linux Enterprise Server: 15-LTSS
opensc-debugsource: before 0.18.0-150000.3.23.1
opensc-debuginfo: before 0.18.0-150000.3.23.1
opensc: before 0.18.0-150000.3.23.1
External linkshttp://www.suse.com/support/update/announcement/2022/suse-su-20221041-1/
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Double Free
EUVDB-ID: #VU34415
Risk: Medium
CVSSv3.1: 5.9 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-20792
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local non-authenticated attacker to execute arbitrary code.
OpenSC before 0.20.0 has a double free in coolkey_free_private_data because coolkey_add_object in libopensc/card-coolkey.c lacks a uniqueness check.
MitigationUpdate the affected package opensc to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server for SAP: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS
SUSE Linux Enterprise Server: 15-LTSS
opensc-debugsource: before 0.18.0-150000.3.23.1
opensc-debuginfo: before 0.18.0-150000.3.23.1
opensc: before 0.18.0-150000.3.23.1
External linkshttp://www.suse.com/support/update/announcement/2022/suse-su-20221041-1/
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Memory leak
EUVDB-ID: #VU17200
Risk: Low
CVSSv3.1: 2.2 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C]
CVE-ID: CVE-2019-6502
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform DoS attack on the target system.
The vulnerability exists due memory leak in sc_context_create in ctx.c in libopensc. A local user can trigger memory leak and perform denial of service attack.
MitigationUpdate the affected package opensc to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server for SAP: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS
SUSE Linux Enterprise Server: 15-LTSS
opensc-debugsource: before 0.18.0-150000.3.23.1
opensc-debuginfo: before 0.18.0-150000.3.23.1
opensc: before 0.18.0-150000.3.23.1
External linkshttp://www.suse.com/support/update/announcement/2022/suse-su-20221041-1/
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
7) Heap-based buffer overflow
EUVDB-ID: #VU48687
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-26570
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the sc_oberthur_read_file. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected package opensc to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server for SAP: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS
SUSE Linux Enterprise Server: 15-LTSS
opensc-debugsource: before 0.18.0-150000.3.23.1
opensc-debuginfo: before 0.18.0-150000.3.23.1
opensc: before 0.18.0-150000.3.23.1
External linkshttp://www.suse.com/support/update/announcement/2022/suse-su-20221041-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Stack-based buffer overflow
EUVDB-ID: #VU48688
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-26571
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in sc_pkcs15emu_gemsafeGPK_init. A remote unauthenticated attacker can trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected package opensc to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server for SAP: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS
SUSE Linux Enterprise Server: 15-LTSS
opensc-debugsource: before 0.18.0-150000.3.23.1
opensc-debuginfo: before 0.18.0-150000.3.23.1
opensc: before 0.18.0-150000.3.23.1
External linkshttp://www.suse.com/support/update/announcement/2022/suse-su-20221041-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Stack-based buffer overflow
EUVDB-ID: #VU48689
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-26572
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in tcos_decipher. A remote unauthenticated attacker can trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationUpdate the affected package opensc to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server for SAP: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS
SUSE Linux Enterprise Server: 15-LTSS
opensc-debugsource: before 0.18.0-150000.3.23.1
opensc-debuginfo: before 0.18.0-150000.3.23.1
opensc: before 0.18.0-150000.3.23.1
External linkshttp://www.suse.com/support/update/announcement/2022/suse-su-20221041-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Use-after-free
EUVDB-ID: #VU66142
Risk: Low
CVSSv3.1: 1.8 [CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-42779
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows an attacker with physical access to perform a denial of service attack.
The vulnerability exists due to a use-after-free error in Opensc in sc_file_valid. An attacker with physical access can trigger use-after-free to perform a denial of service attack.
MitigationUpdate the affected package opensc to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server for SAP: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS
SUSE Linux Enterprise Server: 15-LTSS
opensc-debugsource: before 0.18.0-150000.3.23.1
opensc-debuginfo: before 0.18.0-150000.3.23.1
opensc: before 0.18.0-150000.3.23.1
External linkshttp://www.suse.com/support/update/announcement/2022/suse-su-20221041-1/
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Unchecked Return Value
EUVDB-ID: #VU66136
Risk: Low
CVSSv3.1: 2.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-42780
CWE-ID:
CWE-252 - Unchecked Return Value
Exploit availability: No
DescriptionThe vulnerability allows an attacker with physical access to perform denial of service attacks.
The vulnerability exists due to use after return issue in insert_pin() function in Opensc. An attacker with physical access can trigger the vulnerability to perform denial of service attacks.
MitigationUpdate the affected package opensc to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server for SAP: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS
SUSE Linux Enterprise Server: 15-LTSS
opensc-debugsource: before 0.18.0-150000.3.23.1
opensc-debuginfo: before 0.18.0-150000.3.23.1
opensc: before 0.18.0-150000.3.23.1
External linkshttp://www.suse.com/support/update/announcement/2022/suse-su-20221041-1/
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Heap-based buffer overflow
EUVDB-ID: #VU66141
Risk: Low
CVSSv3.1: 1.8 [CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-42781
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows an attacker with physical access to perform denial of service attack.
The vulnerability exists due to a boundary error in Opensc before in pkcs15-oberthur.c. An attacker with physical access can pass specially crafted data to the application, trigger a heap-based buffer overflow and perform denial of service attack.
MitigationUpdate the affected package opensc to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server for SAP: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS
SUSE Linux Enterprise Server: 15-LTSS
opensc-debugsource: before 0.18.0-150000.3.23.1
opensc-debuginfo: before 0.18.0-150000.3.23.1
opensc: before 0.18.0-150000.3.23.1
External linkshttp://www.suse.com/support/update/announcement/2022/suse-su-20221041-1/
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Stack-based buffer overflow
EUVDB-ID: #VU66137
Risk: Low
CVSSv3.1: 2.1 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-42782
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows an attacker with physical access to perform a denial of service attack.
The vulnerability exists due to a boundary error in Opensc in various places. An attacker with physical access can trigger stack-based buffer overflow and perform a denial of service attack.
MitigationUpdate the affected package opensc to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Server for SAP: 15-SP3
SUSE Linux Enterprise High Performance Computing: 15-ESPOS - 15-LTSS
SUSE Linux Enterprise Server: 15-LTSS
opensc-debugsource: before 0.18.0-150000.3.23.1
opensc-debuginfo: before 0.18.0-150000.3.23.1
opensc: before 0.18.0-150000.3.23.1
External linkshttp://www.suse.com/support/update/announcement/2022/suse-su-20221041-1/
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
