An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/card-setcos.c has an incorrect read operation during parsing of a SETCOS file attribute. Reference: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18693 Upstream commit: https://github.com/OpenSC/OpenSC/commit/c3f23b836e5a1766c36617fe1da30d22f7b63de2
Created opensc tracking bugs for this issue: Affects: epel-6 [bug 1782521] Affects: fedora-all [bug 1782520]
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:4483 https://access.redhat.com/errata/RHSA-2020:4483
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-19479