Three stack-based buffer overflow flaws were found in the way OpenSC device drivers for A-Trust ACOS, ACS ACOS5 and STARCOS SPK 2.3 based smart cards processed certain values of the card serial number. A local attacker could use this flaw to execute arbitrary code with the privileges of the user running the opensc-tool or opensc-explorer binaries via a malicious smart card, with a specially-crafted value of its serial number, inserted into the system.

References:
[1] http://labs.mwrinfosecurity.com/files/Advisories/mwri_opensc-get-serial-buffer-overflow_2010-12-13.pdf
[2] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607732
[3] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607427
[4] http://www.h-online.com/open/news/item/When-a-smart-card-can-root-your-computer-1154829.html
[5] https://bugs.launchpad.net/ubuntu/+source/opensc/+bug/692483

Upstream changesets:
[6] https://www.opensc-project.org/opensc/changeset/4913
[7] https://www.opensc-project.org/opensc/changeset/4912
CVE Request: [8] http://www.openwall.com/lists/oss-security/2010/12/21/2
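The defect class described above is a card-supplied length being copied into a fixed-size stack buffer without being checked against that buffer. The following is an added example, not OpenSC's code and not taken from the referenced changesets: it models a driver reading a serial number from a constructed card response (first byte = serial length, then the serial bytes; that layout is an assumption for this example), and shows the bounds check that turns an oversized or truncated response into a clean error instead of a stack overwrite. The buffer size SERIAL_MAX and the function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical fixed-size serial buffer; the size is chosen for this example
 * and is not the size used by any OpenSC driver. */
#define SERIAL_MAX 16

enum {
    SERIAL_OK = 0,
    SERIAL_ERR_TOO_LONG = -1,      /* serial would not fit the destination */
    SERIAL_ERR_BAD_RESPONSE = -2   /* response shorter than its length byte claims */
};

/* Copy the serial number carried in a card response into `out`.
 * Constructed response layout: resp[0] = serial length, resp[1..] = serial.
 * Every length that originates from the card is validated before the memcpy;
 * the unsafe pattern is the same memcpy with `serial_len` taken on trust.
 * Returns the serial length on success, or a negative error code. */
int copy_card_serial(const uint8_t *resp, size_t resp_len,
                     uint8_t *out, size_t out_size)
{
    if (resp == NULL || resp_len < 1)
        return SERIAL_ERR_BAD_RESPONSE;

    size_t serial_len = resp[0];

    /* The card claims more bytes than were actually received. */
    if (serial_len + 1 > resp_len)
        return SERIAL_ERR_BAD_RESPONSE;

    /* The check a stack-overflowing driver is missing: the card-chosen
     * length must never exceed the caller's buffer. */
    if (serial_len > out_size)
        return SERIAL_ERR_TOO_LONG;

    memcpy(out, resp + 1, serial_len);
    return (int)serial_len;
}

/* Driver-style caller with a fixed-size stack array, as in the flaw class
 * the bug describes. Stores the accepted length in *got_len. */
int read_serial_from_stack(const uint8_t *resp, size_t resp_len, size_t *got_len)
{
    uint8_t serial[SERIAL_MAX];   /* fixed-size stack buffer */
    int rc = copy_card_serial(resp, resp_len, serial, sizeof serial);
    if (rc < 0)
        return rc;
    *got_len = (size_t)rc;
    return SERIAL_OK;
}

/* Constructed well-formed response: 8-byte serial "12345678". */
int check_benign_serial(void)
{
    const uint8_t resp[] = {8, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38};
    size_t n = 0;
    int rc = read_serial_from_stack(resp, sizeof resp, &n);
    return rc == SERIAL_OK ? (int)n : rc;
}

/* Constructed hostile response: length byte 255 with 255 filler bytes,
 * far larger than SERIAL_MAX. Must be rejected, not copied. */
int check_oversized_serial(void)
{
    uint8_t resp[1 + 255];
    resp[0] = 255;
    memset(resp + 1, 0x41, 255);
    size_t n = 0;
    return read_serial_from_stack(resp, sizeof resp, &n);
}

/* Constructed truncated response: claims 8 bytes but carries only 2. */
int check_truncated_serial(void)
{
    const uint8_t resp[] = {8, 0x31, 0x32};
    size_t n = 0;
    return read_serial_from_stack(resp, sizeof resp, &n);
}

int main(void)
{
    printf("benign:    %d\n", check_benign_serial());     /* 8 */
    printf("oversized: %d\n", check_oversized_serial());  /* -1 */
    printf("truncated: %d\n", check_truncated_serial());  /* -2 */
    return 0;
}
```

The point of the two separate checks is that a card controls both the length byte and how many bytes it actually returns; validating the length against the received response catches over-reads, and validating it against the destination buffer catches the stack overwrite that this bug is about.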
These issues affect the versions of the opensc package as shipped with Fedora releases 13 and 14. Please schedule an update.
Created opensc tracking bugs for this issue.

Affects: fedora-all [bug 664834]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.