#VU23847 Buffer overflow in OpenSC
Vulnerability identifier: #VU23847
Vulnerability risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-119
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
OpenSC
Universal components / Libraries /
Libraries used by multiple products
Vendor: OpenSC
Description
The vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing CAC certificates in libopensc/card-cac1.c. A local user can pass specially crafted certificate to the application, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
OpenSC: 0.4.0 - 0.20.0 rc34
External links
http://www.openwall.com/lists/oss-security/2019/12/29/1
http://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18618
http://github.com/OpenSC/OpenSC/commit/b75c002cfb1fd61cd20ec938ff4937d7b1a94278
http://github.com/OpenSC/OpenSC/releases/tag/0.20.0
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
