Bug 907930 (CVE-2023-2977) - <dev-libs/opensc-0.23.0-r1: buffer overread vulnerability
Summary: <dev-libs/opensc-0.23.0-r1: buffer overread vulnerability
Status: CONFIRMED
Alias: CVE-2023-2977
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
URL: https://github.com/OpenSC/OpenSC/issu...
Whiteboard: A3 [glsa?]
Keywords:
Depends on: 910086
Blocks:
Reported: 2023-06-06 04:15 UTC by John Helmert III
Modified: 2024-05-27 08:16 UTC

Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-06-06 04:15:43 UTC
CVE-2023-2977:

A vulnerability was found in OpenSC. This security flaw causes a buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package. The attacker can supply a smart card package with malformed ASN1 context. The cardos_have_verifyrc_package function scans the ASN1 buffer for 2 tags, where remaining length is wrongly calculated due to moved starting pointer. This leads to possible heap-based buffer oob read. In cases where ASAN is enabled while compiling this causes a crash. Further info leak or more damage is possible.

Patch: https://github.com/OpenSC/OpenSC/commit/81944d1529202bd28359bede57c0a15deb65ba8a
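
An added illustration of the length-accounting error described above, not code from OpenSC or from the linked patch: a simplified model with a 1-byte tag and 1-byte length, in which `find_tag`, `scan_overhang` and the sample bytes are constructed for this example. It assumes the flawed update subtracts only the matched element's size after the start pointer has moved, and compares that with recomputing the remaining length from the fixed buffer base.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed input: a 4-byte element with tag 0x80, then the wanted 0xE1 element. */
static const uint8_t SAMPLE[] = { 0x80, 0x02, 0xAA, 0xBB, 0xE1, 0x01, 0x01 };

/* Hypothetical finder (1-byte tag, 1-byte length): value pointer of first `tag`, or NULL. */
static const uint8_t *find_tag(const uint8_t *buf, size_t len, uint8_t tag, size_t *vlen)
{
    size_t off = 0;
    while (len - off >= 2) {
        size_t l = buf[off + 1];
        if (l > len - off - 2)
            return NULL;                 /* value would cross the window end */
        if (buf[off] == tag) {
            *vlen = l;
            return buf + off + 2;
        }
        off += 2 + l;                    /* skip an element with another tag */
    }
    return NULL;
}

/* Walks all 0xE1 elements and returns how far past the buffer end the next search
 * window would reach (0 = in bounds). The window is checked before any read. */
size_t scan_overhang(const uint8_t *buf, size_t size, int fixed)
{
    const uint8_t *p = buf;
    size_t len = size, tlen = 0;
    while (len != 0) {
        size_t left = size - (size_t)(p - buf);
        if (len > left)
            return len - left;           /* claimed length exceeds what is really left */
        const uint8_t *v = find_tag(p, len, 0xE1, &tlen);
        if (v == NULL)
            return 0;
        p = v + tlen;                    /* start pointer moves past the element */
        len = fixed ? size - (size_t)(p - buf)  /* recompute from the fixed base */
                    : len - (tlen + 2);  /* flawed: ignores bytes skipped before the tag */
    }
    return 0;
}

int main(void)
{
    printf("flawed=%zu fixed=%zu\n", scan_overhang(SAMPLE, sizeof SAMPLE, 0), scan_overhang(SAMPLE, sizeof SAMPLE, 1));
    return 0;
}
```

The overhang in the flawed variant equals the size of the elements skipped before the matched tag, which is the region an unchecked second search would read beyond the allocation.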
Comment 1 Larry the Git Cow gentoo-dev 2023-06-10 19:07:02 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cc922f70f70016cf7fd197a8f492e654e0556f50

commit cc922f70f70016cf7fd197a8f492e654e0556f50
Author:     David Seifert <soap@gentoo.org>
AuthorDate: 2023-06-10 19:06:40 +0000
Commit:     David Seifert <soap@gentoo.org>
CommitDate: 2023-06-10 19:06:40 +0000

    dev-libs/opensc: add patch for CVE-2023-2977
    
    Bug: https://bugs.gentoo.org/907930
    Signed-off-by: David Seifert <soap@gentoo.org>

 .../opensc/files/opensc-0.23.0-CVE-2023-2977.patch | 49 +++++++++++++
 dev-libs/opensc/opensc-0.23.0-r1.ebuild            | 83 ++++++++++++++++++++++
 2 files changed, 132 insertions(+)
Comment 2 Larry the Git Cow gentoo-dev 2024-05-27 08:16:52 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=09bf61ced9f91e8460b2227f15b2256618ffaf29

commit 09bf61ced9f91e8460b2227f15b2256618ffaf29
Author:     David Seifert <soap@gentoo.org>
AuthorDate: 2024-05-27 08:16:39 +0000
Commit:     David Seifert <soap@gentoo.org>
CommitDate: 2024-05-27 08:16:39 +0000

    dev-libs/opensc: drop 0.24.0, 0.25.0, 0.25.0-r1
    
    Bug: https://bugs.gentoo.org/907930
    Bug: https://bugs.gentoo.org/917651
    Signed-off-by: David Seifert <soap@gentoo.org>

 dev-libs/opensc/Manifest                |  2 -
 dev-libs/opensc/opensc-0.24.0.ebuild    | 76 ----------------------------
 dev-libs/opensc/opensc-0.25.0-r1.ebuild | 87 ---------------------------------
 dev-libs/opensc/opensc-0.25.0.ebuild    | 76 ----------------------------
 4 files changed, 241 deletions(-)