Bug 349561 (CVE-2010-4531) - <sys-apps/pcsc-lite-1.6.6: Stack Overflow Vulnerability (CVE-2010-4531)
Summary: <sys-apps/pcsc-lite-1.6.6: Stack Overflow Vulnerability (CVE-2010-4531)
Status: RESOLVED FIXED
Alias: CVE-2010-4531
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High major
Assignee: Gentoo Security
URL: http://lists.alioth.debian.org/piperm...
Whiteboard: B1 [glsa]
Keywords:
Depends on: CVE-2010-4530 CVE-2010-4523 349813
Blocks:
Reported: 2010-12-24 03:55 UTC by Tim Sammut (RETIRED)
Modified: 2014-01-21 17:53 UTC (History)
Description Tim Sammut (RETIRED) gentoo-dev 2010-12-24 03:55:48 UTC
The commit at $URL corrects a stack overflow vulnerability that could be exploited by local users to execute arbitrary code with the privileges of the user running pcscd.

I believe this is fixed in sys-apps/pcsc-lite-1.6.6, which is already in the tree.

Arches, please test and mark stable:
=sys-apps/pcsc-lite-1.6.6
Target keywords : "amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"
Comment 1 Diego Elio Pettenò (RETIRED) gentoo-dev 2010-12-25 03:13:46 UTC
Can you _please_ ask the maintainer before asking arches to mark stuff stable?

This needs _at least_ to go stable *at the same time* as the latest ccid, and there are likely other revdeps that need to go stable at the same time. And at least one package that upstream (same author) didn't update to work with the new udev-based discovery.
Comment 2 Tim Sammut (RETIRED) gentoo-dev 2010-12-25 07:27:26 UTC
(In reply to comment #1)
> Can you _please_ ask the maintainer before asking arches to mark stuff stable?
> 

My apologies. Please let us know when/if this can go stable and with which other dependencies.  
Comment 3 Diego Elio Pettenò (RETIRED) gentoo-dev 2010-12-26 18:49:44 UTC
List of packages to stable _at the same time_ for the arch teams:

sys-apps/pcsc-lite-1.6.6-r1
app-crypt/ccid-1.4.1-r1 [older ccid won't work with new pcsc-lite, newer ccid won't work with old pcsc-lite]
dev-libs/opensc-0.11.13-r2 [-r0 will not work; -r2 also fixes buffer overflows]
net-misc/rdesktop-1.6.0-r4 [I didn't want to fix the previous versions, see the dependent bugs]

(Tim can you please open the rdesktop stable bug as well? Thanks!)
Comment 4 Tim Sammut (RETIRED) gentoo-dev 2010-12-28 16:50:10 UTC
Arches, please test and mark stable:
=sys-apps/pcsc-lite-1.6.6
Target keywords : "amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"

This must be stabilized at the same time with:

app-crypt/ccid-1.4.1-r1 in bug 349559
dev-libs/opensc-0.11.13-r2 in bug 349567
net-misc/rdesktop-1.6.0-r4 in bug 349835
Comment 5 Markos Chandras (RETIRED) gentoo-dev 2010-12-29 10:32:16 UTC
amd64 done
Comment 6 Jeroen Roovers (RETIRED) gentoo-dev 2010-12-29 14:26:36 UTC
Stable for HPPA PPC.
Comment 7 Thomas Kahle (RETIRED) gentoo-dev 2010-12-29 17:41:20 UTC
x86 done.
Comment 8 Markus Meier gentoo-dev 2010-12-31 17:40:33 UTC
arm stable
Comment 9 Raúl Porcel (RETIRED) gentoo-dev 2011-01-01 15:45:55 UTC
alpha/arm/ia64/m68k/s390/sh/sparc
Comment 10 Kacper Kowalik (Xarthisius) (RETIRED) gentoo-dev 2011-01-10 11:14:45 UTC
ppc64 stable, last arch done
Comment 11 Tim Sammut (RETIRED) gentoo-dev 2011-01-10 18:26:29 UTC
Thanks, everyone. GLSA request filed.
Comment 12 Stefan Behte (RETIRED) gentoo-dev Security 2011-01-21 11:15:44 UTC
CVE-2010-4531 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4531):
  Stack-based buffer overflow in the ATRDecodeAtr function in the
  Answer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite
  1.5.3, and possibly other 1.5.x and 1.6.x versions, allows physically
  proximate attackers to cause a denial of service (crash) and possibly
  execute arbitrary code via a smart card with an ATR message
  containing a long attribute value.
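
The class of bug described in the CVE text above, a decoder that trusts length fields supplied by the card, is avoided by checking every claimed byte against the real buffer length before reading or copying. The following is an added example, not pcsc-lite's code or its fix; the names `atr_decode`, `atr_info`, `ATR_MAX_SIZE` and `ATR_MAX_HIST` are assumptions, and the ATR layout (TS, T0, TAi..TDi, K historical bytes, optional TCK) follows ISO/IEC 7816-3.

```c
#include <stddef.h>
#include <string.h>
#define ATR_MAX_SIZE 33 /* ISO/IEC 7816-3 upper bound for a whole ATR */
#define ATR_MAX_HIST 15 /* K is a 4-bit field in T0 */
struct atr_info {           /* hypothetical result type for this example */
    unsigned char hist[ATR_MAX_HIST];
    size_t hist_len;
    unsigned protocols;     /* bit n set when some TDi announces T=n */
};
/* Returns 0 on success, -1 when the ATR is oversized, truncated or malformed. */
int atr_decode(const unsigned char *atr, size_t len, struct atr_info *out)
{
    size_t p = 1, k, i;     /* p: index of the last byte consumed (T0 first) */
    unsigned char y, x = 0;
    unsigned protocols = 0;
    if (!atr || !out || len < 2 || len > ATR_MAX_SIZE)
        return -1;
    if (atr[0] != 0x3B && atr[0] != 0x3F)   /* TS: direct or inverse convention */
        return -1;
    k = atr[1] & 0x0F;                      /* K: claimed historical byte count */
    y = atr[1] & 0xF0;                      /* Y1: which of TA1..TD1 follow */
    while (y) {
        size_t n = ((y >> 4) & 1) + ((y >> 5) & 1) + ((y >> 6) & 1);
        size_t td = (y >> 7) & 1;
        if (n + td > len - 1 - p)           /* claimed bytes must exist */
            return -1;
        p += n + td;
        if (td)
            protocols |= 1u << (atr[p] & 0x0F);
        y = td ? (atr[p] & 0xF0) : 0;
    }
    if (k > len - 1 - p)                    /* card-supplied length vs. real data */
        return -1;
    if (protocols & ~1u) {                  /* TCK is required unless only T=0 */
        if (len - 1 - p - k != 1)
            return -1;
        for (i = 1; i < len; i++)
            x ^= atr[i];
        if (x != 0)
            return -1;
    } else if (len - 1 - p != k) {          /* no trailing bytes allowed */
        return -1;
    }
    memset(out, 0, sizeof *out);
    memcpy(out->hist, atr + p + 1, k);
    out->hist_len = k;
    out->protocols = protocols;
    return 0;
}
```

The output structure is written only after all checks pass, so a rejected ATR leaves the caller's buffer untouched.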

Comment 13 Alon Bar-Lev (RETIRED) gentoo-dev 2012-12-15 00:17:46 UTC
security: why is this still open (and its dependencies)?
Comment 14 Alex Legler (RETIRED) archtester gentoo-dev Security 2012-12-16 11:07:42 UTC
(In reply to comment #13)
> security: why is this still open (and its dependencies)?

pending advisory
Comment 15 Alon Bar-Lev (RETIRED) gentoo-dev 2012-12-16 11:13:56 UTC
(In reply to comment #14)
> (In reply to comment #13)
> > security: why is this still open (and its dependencies)?
> 
> pending advisory

Thanks!
From 2011-01-21?
Comment 16 GLSAMaker/CVETool Bot gentoo-dev 2014-01-21 17:53:04 UTC
This issue was resolved and addressed in
 GLSA 201401-17 at http://security.gentoo.org/glsa/glsa-201401-17.xml
by GLSA coordinator Sean Amoss (ackle).