#VU82974 Buffer overflow in OpenSC - CVE-2023-40661


Vulnerability identifier: #VU82974

Vulnerability risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-40661

CWE-ID: CWE-119

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
OpenSC
Universal components / Libraries / Libraries used by multiple products

Vendor: OpenSC

Description

The vulnerability allows an attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. An attacker with physical access to the system can trigger memory corruption and execute arbitrary code with elevated privileges.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

OpenSC: 0.2.0 - 0.23.0

External links
https://github.com/OpenSC/OpenSC/releases/tag/0.24.0-rc1
https://bugzilla.redhat.com/show_bug.cgi?id=2240913
https://github.com/OpenSC/OpenSC/wiki/OpenSC-security-advisories
https://github.com/OpenSC/OpenSC/issues/2792#issuecomment-1674806651
https://access.redhat.com/security/cve/CVE-2023-40661

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Ubuntu update for opensc
Ubuntu update for opensc
Ubuntu update for opensc
Amazon Linux AMI update for opensc
Gentoo update for OpenSC
Anolis OS update for opensc
Red Hat Enterprise Linux 8 update for opensc
Red Hat Enterprise Linux 9 update for opensc
Fedora 39 update for opensc
Fedora 38 update for opensc