CVE-2024-45619

CVE-2024-45619

Name

CVE-2024-45619

Description

A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
vdb-entry	https://access.redhat.com/security/cve/CVE-2024-45619
issue-tracking	https://bugzilla.redhat.com/show_bug.cgi?id=2309288
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2024/12/msg00026.html

Type

URI

vdb-entry

https://access.redhat.com/security/cve/CVE-2024-45619

issue-tracking

https://bugzilla.redhat.com/show_bug.cgi?id=2309288

af854a3a-2127-422b-91ae-364da2661108

https://lists.debian.org/debian-lts-announce/2024/12/msg00026.html

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
opensc	edge-community	0.26.0-r0	Timo Teräs <timo.teras@iki.fi>	fixed
opensc	3.22-community	0.26.0-r0	Timo Teräs <timo.teras@iki.fi>	fixed
opensc	3.21-community	0.26.0-r0	Timo Teräs <timo.teras@iki.fi>	fixed

Source package

Branch

Version

Maintainer

Status

opensc

edge-community

0.26.0-r0

Timo Teräs <timo.teras@iki.fi>

fixed

opensc

3.22-community