#VU86939 Use-after-free in OpenSC
Vulnerability identifier: #VU86939
Vulnerability risk: Low
CVSSv3.1: 2.8 [CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-416
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
OpenSC
Universal components / Libraries /
Libraries used by multiple products
Vendor: OpenSC
Description
The vulnerability allows an attacker to bypass authentication.
The vulnerability exists due to a use-after-free error in the AuthentIC driver in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker with physical access to the system can use a crafted USB device or smart card to present the system with specially crafted responses to the APDUs to card management operations during enrollment.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
OpenSC: 0.2.0 - 0.24.0 rc2
External links
http://access.redhat.com/security/cve/CVE-2024-1454
http://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64898
http://bugzilla.redhat.com/show_bug.cgi?id=2263929
http://github.com/OpenSC/OpenSC/commit/5835f0d4f6c033bd58806d33fa546908d39825c9
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
