#VU35565 Buffer overflow in OpenSC - CVE-2019-16058

Cybersecurity Help s.r.o.

Published: 2019-09-06 | Updated: 2020-08-08

Vulnerability identifier: #VU35565

Vulnerability risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2019-16058

CWE-ID: CWE-119

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
OpenSC
Universal components / Libraries / Libraries used by multiple products

Vendor: OpenSC

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

An issue was discovered in the pam_p11 component 0.2.0 and 0.3.0 for OpenSC. If a smart card creates a signature with a length longer than 256 bytes, this triggers a buffer overflow. This may be the case for RSA keys with 4096 bits depending on the signature scheme.

Mitigation
Install update from vendor's website.

Vulnerable software versions

OpenSC: 0.2.0 - 0.3.0

External links
https://www.openwall.com/lists/oss-security/2019/09/12/1
https://github.com/OpenSC/pam_p11/commit/d150b60e1e14c261b113f55681419ad1dfa8a76c

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Buffer overflow in OpenSC