CVE-2023-2977

A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package. The attacker can supply a smart card package with malformed ASN1 context. The cardos_have_verifyrc_package function scans the ASN1 buffer for 2 tags, where remaining length is wrongly caculated due to moved starting pointer. This leads to possible heap-based buffer oob read. In cases where ASAN is enabled while compiling this causes a crash. Further info leak or more damage is possible.
Configurations

Configuration 1 (hide)

cpe:2.3:a:opensc_project:opensc:0.23.0:-:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

History

07 Nov 2023, 04:13

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FJD4Q4AJSGE5UIJI7OUYZY4HGGCVYQNI/', 'name': 'FEDORA-2023-2afb831742', 'tags': [], 'refsource': 'FEDORA'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LAR54OV6EHA56B4XJF6RNPQ4HJ2ITU66/', 'name': 'FEDORA-2023-29530cc60b', 'tags': [], 'refsource': 'FEDORA'}
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FJD4Q4AJSGE5UIJI7OUYZY4HGGCVYQNI/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LAR54OV6EHA56B4XJF6RNPQ4HJ2ITU66/ -

17 Aug 2023, 19:15

Type Values Removed Values Added
References
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FJD4Q4AJSGE5UIJI7OUYZY4HGGCVYQNI/ -
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LAR54OV6EHA56B4XJF6RNPQ4HJ2ITU66/ -

21 Jun 2023, 02:15

Type Values Removed Values Added
References
  • (MLIST) https://lists.debian.org/debian-lts-announce/2023/06/msg00025.html -

07 Jun 2023, 18:45

Type Values Removed Values Added
CPE cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:a:opensc_project:opensc:0.23.0:-:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
References (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2211088 - (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2211088 - Issue Tracking, Third Party Advisory
References (MISC) https://github.com/OpenSC/OpenSC/pull/2787 - (MISC) https://github.com/OpenSC/OpenSC/pull/2787 - Patch
References (MISC) https://github.com/OpenSC/OpenSC/issues/2785 - (MISC) https://github.com/OpenSC/OpenSC/issues/2785 - Issue Tracking, Patch
References (MISC) https://access.redhat.com/security/cve/CVE-2023-2977 - (MISC) https://access.redhat.com/security/cve/CVE-2023-2977 - Third Party Advisory
First Time Opensc Project
Redhat
Opensc Project opensc
Redhat enterprise Linux
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.1
CWE CWE-125

01 Jun 2023, 01:17

Type Values Removed Values Added
New CVE

Information

Published : 2023-06-01 01:15

Updated : 2024-02-28 20:13


NVD link : CVE-2023-2977

Mitre link : CVE-2023-2977

CVE.ORG link : CVE-2023-2977


JSON object : View

Products Affected

opensc_project

  • opensc

redhat

  • enterprise_linux
CWE
CWE-125

Out-of-bounds Read

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer