#VU86939 Use-after-free in OpenSC - CVE-2024-1454
Vulnerability identifier: #VU86939
Vulnerability risk: Low
CVSSv4.0: 0.4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID:
CWE-ID:
CWE-416
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
OpenSC
Universal components / Libraries /
Libraries used by multiple products
Vendor: OpenSC
Description
The vulnerability allows an attacker to bypass authentication.
The vulnerability exists due to a use-after-free error in the AuthentIC driver in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. An attacker with physical access to the system can use a crafted USB device or smart card to present the system with specially crafted responses to the APDUs to card management operations during enrollment.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
OpenSC: 0.2.0 - 0.24.0
External links
https://access.redhat.com/security/cve/CVE-2024-1454
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64898
https://bugzilla.redhat.com/show_bug.cgi?id=2263929
https://github.com/OpenSC/OpenSC/commit/5835f0d4f6c033bd58806d33fa546908d39825c9
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
