SB2024030116 - Multiple vulnerabilities in OpenSC
Published: March 1, 2024
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 secuirty vulnerabilities.
1) Use-after-free (CVE-ID: CVE-2024-1454)
The vulnerability allows an attacker to bypass authentication.
The vulnerability exists due to a use-after-free error in the AuthentIC driver in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker with physical access to the system can use a crafted USB device or smart card to present the system with specially crafted responses to the APDUs to card management operations during enrollment.
2) Cryptographic issues (CVE-ID: CVE-2023-5992)
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to the PKCS#1 encryption padding removal is not implemented as side-channel resistant. A remote attacker can gain access to sensitive data.
Remediation
Install update from vendor's website.
References
- https://access.redhat.com/security/cve/CVE-2024-1454
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64898
- https://bugzilla.redhat.com/show_bug.cgi?id=2263929
- https://github.com/OpenSC/OpenSC/commit/5835f0d4f6c033bd58806d33fa546908d39825c9
- https://access.redhat.com/security/cve/CVE-2023-5992
- https://bugzilla.redhat.com/show_bug.cgi?id=2248685
- https://github.com/OpenSC/OpenSC/wiki/CVE-2023-5992
- https://access.redhat.com/errata/RHSA-2024:0966
- https://access.redhat.com/errata/RHSA-2024:0967