CVE-2023-2977

Name
CVE-2023-2977
Description
A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package. The attacker can supply a smart card package with malformed ASN1 context. The cardos_have_verifyrc_package function scans the ASN1 buffer for 2 tags, where remaining length is wrongly caculated due to moved starting pointer. This leads to possible heap-based buffer oob read. In cases where ASAN is enabled while compiling this causes a crash. Further info leak or more damage is possible.
NVD Severity
medium
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://github.com/OpenSC/OpenSC/issues/2785
MISC https://access.redhat.com/security/cve/CVE-2023-2977
MISC https://github.com/OpenSC/OpenSC/pull/2787
MISC https://bugzilla.redhat.com/show_bug.cgi?id=2211088
MLIST https://lists.debian.org/debian-lts-announce/2023/06/msg00025.html

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:opensc_project:opensc:0.23.0:-:*:*:*:*:*:* opensc == None == 0.23.0

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
opensc edge-community 0.23.0-r0 Timo Teräs <timo.teras@iki.fi> possibly vulnerable
opensc 3.18-community 0.23.0-r0 Timo Teräs <timo.teras@iki.fi> possibly vulnerable