Back to bug 2211088
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Sandipan Roy | 2023-05-30 13:29:18 UTC | Blocks | 2211089 | |
| Sandipan Roy | 2023-05-30 13:32:50 UTC | Depends On | 2211092, 2211091, 2211093, 2211090 | |
| Sandipan Roy | 2023-05-30 13:49:35 UTC | Doc Text | A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package. The attacker can supply a smart card package with malformed ASN1 context. The cardos_have_verifyrc_package function scans the ASN1 buffer for 2 tags, where remaining length is wrongly caculated due to moved starting pointer. This leads to possible heap-based buffer oob read. In cases where ASAN is enabled while compiling this causes a crash. Further info leak or more damage is possible. | |
| Jakub Jelen | 2023-05-31 08:46:49 UTC | Flags | needinfo?(saroy) | |
| Sandipan Roy | 2023-05-31 08:52:21 UTC | Priority | medium | low |
| | | Severity | medium | low |
| Sandipan Roy | 2023-05-31 08:54:04 UTC | Flags | needinfo?(saroy) | |
| RaTasha Tillery-Smith | 2023-05-31 12:17:48 UTC | Doc Text | A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package. The attacker can supply a smart card package with malformed ASN1 context. The cardos_have_verifyrc_package function scans the ASN1 buffer for 2 tags, where remaining length is wrongly caculated due to moved starting pointer. This leads to possible heap-based buffer oob read. In cases where ASAN is enabled while compiling this causes a crash. Further info leak or more damage is possible. | A vulnerability was found in OpenSC. This issue causes a buffer overrun in the pkcs15 cardos_have_verifyrc_package. This flaw allows an attacker to supply a smart card package with a malformed ASN1 context. The cardos_have_verifyrc_package function scans the ASN1 buffer for two tags, where the remaining length is wrongly calculated due to a moved starting pointer, leading to a possible heap-based buffer out-of-bounds read. In cases where ASN is enabled while compiling, this problem causes a crash, and further information leaks or more damage is likely. |
| Red Hat Bugzilla | 2023-07-07 08:30:58 UTC | Assignee | security-response-team | nobody |