CVE-2021-42782
Description
Stack buffer overflow issues were found in Opensc before version 0.22.0 in various places that could potentially crash programs using the library.
Risk Information
Base Score
5.3
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS Score
Exploitation Probability
0.093
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in OpenSC smartcard framework 0.21.0-rc2 | Windows |
| SUSE-SU-2021:3582-1(SUSE Linux Enterprise Server 12-SP5 ) opensc-0.13.0-3.19.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3582-1(SUSE Linux Enterprise Server 12-SP5 ) opensc-debuginfo-0.13.0-3.19.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3582-1(SUSE Linux Enterprise Server 12-SP5 ) opensc-debugsource-0.13.0-3.19.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4065-1(SUSE Linux Enterprise Server 12 SP5 ) opensc-0.13.0-3.25.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4065-1(SUSE Linux Enterprise Server 12 SP5 ) opensc-debuginfo-0.13.0-3.25.1.x86_64.rpm | Linux |
| SUSE-SU-2023:4065-1(SUSE Linux Enterprise Server 12 SP5 ) opensc-debugsource-0.13.0-3.25.1.x86_64.rpm | Linux |
| Smart card utilities with support for PKCS#15 compatible cards (USN-7346-1) opensc_0.25.1-2ubuntu1.1_amd64.deb | Linux |
| Smart card utilities with support for PKCS#15 compatible cards (USN-7346-1) opensc-pkcs11_0.25.1-2ubuntu1.1_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234