#VU98507 Heap-based buffer overflow in OpenSC - CVE-2024-8443


Vulnerability identifier: #VU98507

Vulnerability risk: Low

CVSSv4.0: 2 [CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-8443

CWE-ID: CWE-122

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
OpenSC
Universal components / Libraries / Libraries used by multiple products

Vendor: OpenSC

Description

The vulnerability allows an attacker to bypass implemented security restrictions.

The vulnerability exists due to a boundary error in the libopensc OpenPGP driver. An attacker with physical access to the system can use a crafted USB device or smart card that returns malicious responses to APDUs during card enrollment with the pkcs15-init tool to trigger an out-of-bounds write, possibly resulting in arbitrary code execution.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

OpenSC: 0.11.9 - 0.25.1
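
To check a host against the affected range above, the following shell sketch can be used. It is an added example, not code from OpenSC or from this advisory; the function names are hypothetical, and it assumes `opensc-tool --info` prints a first line of the form `OpenSC <version> [...]`.

```shell
#!/bin/sh
# Added example: flag OpenSC versions inside the advisory's affected range
# (0.11.9 through 0.25.1). Distribution packages may carry backported fixes
# under an unchanged upstream version, so confirm a hit against the vendor
# changelog before acting on it.

# ver_key VERSION -> integer key (major*1000000 + minor*1000 + patch).
# Suffixes such as "-rc1" are dropped; assumes each component is below 1000.
ver_key() {
    printf '%s\n' "${1%%[-+~]*}" | awk -F. '
        /^[0-9]+(\.[0-9]+)*$/ { printf "%d\n", $1 * 1000000 + $2 * 1000 + $3; ok = 1 }
        END { exit ok ? 0 : 1 }'
}

# Returns 0 if VERSION is in the affected range, 1 if not, 2 if unparseable.
opensc_is_affected() {
    key=$(ver_key "$1") || return 2
    [ "$key" -ge "$(ver_key 0.11.9)" ] && [ "$key" -le "$(ver_key 0.25.1)" ]
}

# Extracts the version from `opensc-tool --info` output read on stdin.
# Assumed format (constructed sample): "OpenSC 0.25.1 [gcc  13.2.0]"
opensc_version_from_info() {
    awk '$1 == "OpenSC" { print $2; exit }'
}

# Only runs the live check when opensc-tool is installed on this host.
if command -v opensc-tool >/dev/null 2>&1; then
    installed=$(opensc-tool --info 2>/dev/null | opensc_version_from_info)
    rc=0; opensc_is_affected "$installed" || rc=$?
    case $rc in
        0) echo "OpenSC $installed is in the affected range (0.11.9 - 0.25.1)" ;;
        1) echo "OpenSC $installed is outside the affected range" ;;
        *) echo "Could not parse OpenSC version: '${installed}'" ;;
    esac
fi
```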


External links
https://bugzilla.redhat.com/show_bug.cgi?id=2310494
https://github.com/OpenSC/OpenSC/releases/tag/0.26.0-rc1
https://github.com/advisories/GHSA-mgc5-p43f-72pc
https://github.com/OpenSC/OpenSC/pull/3219


Q & A

Can this vulnerability be exploited remotely?

No. The attacker must have physical access to the system to exploit this vulnerability.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

