Bug 349559 (CVE-2010-4530)

Summary: <app-crypt/ccid-1.4.1-r1: Integer Overflow Vulnerability (CVE-2010-4530)
Product: Gentoo Security
Reporter: Tim Sammut (RETIRED) <underling>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: major    
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://lists.alioth.debian.org/pipermail/pcsclite-cvs-commit/2010-November/004934.html
Whiteboard: B1 [glsa]
Package list:
Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 349561    

Description Tim Sammut (RETIRED) gentoo-dev 2010-12-24 03:50:32 UTC
According to a posting to the oss-security mailing list, http://www.openwall.com/lists/oss-security/2010/12/22/7, this integer overflow could be exploited by a local attacker to execute arbitrary code. There appear to be two relevant upstream commits at:

http://lists.alioth.debian.org/pipermail/pcsclite-cvs-commit/2010-November/004934.html
http://lists.alioth.debian.org/pipermail/pcsclite-cvs-commit/2010-November/004935.html

I believe these are fixed in app-crypt/ccid-1.4.1-r1, which is already in the tree. So unless @crypto objects, we will stabilize that.

Arches, please test and mark stable:
=app-crypt/ccid-1.4.1-r1
Target keywords : "amd64 hppa ppc ppc64 x86"
Comment 1 Tim Sammut (RETIRED) gentoo-dev 2010-12-25 07:29:07 UTC
Reverting stabilization request. 

@crypto, please let us know if this can go stable. Thanks!
Comment 2 Tim Sammut (RETIRED) gentoo-dev 2010-12-28 16:49:53 UTC
Arches, please test and mark stable:
=app-crypt/ccid-1.4.1-r1
Target keywords : "amd64 hppa ppc ppc64 x86"

This must be stabilized with:

sys-apps/pcsc-lite-1.6.6 in bug 349561
dev-libs/opensc-0.11.13-r2 in bug 349567
net-misc/rdesktop-1.6.0-r4 in bug 349835
Comment 3 Markos Chandras (RETIRED) gentoo-dev 2010-12-29 10:35:24 UTC
amd64 done
Comment 4 Jeroen Roovers (RETIRED) gentoo-dev 2010-12-29 14:26:56 UTC
Stable for HPPA PPC.
Comment 5 Thomas Kahle (RETIRED) gentoo-dev 2010-12-29 17:40:43 UTC
x86 done.
Comment 6 Kacper Kowalik (Xarthisius) (RETIRED) gentoo-dev 2011-01-10 11:11:32 UTC
ppc64 stable, last arch done
Comment 7 Tim Sammut (RETIRED) gentoo-dev 2011-01-10 18:25:48 UTC
Thanks, folks. GLSA request filed.
Comment 8 Stefan Behte (RETIRED) gentoo-dev Security 2011-01-21 11:16:23 UTC
CVE-2010-4530 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4530):
  Signedness error in ccid_serial.c in libccid in the USB Chip/Smart
  Card Interface Devices (CCID) driver, as used in pcscd in PCSC-Lite
  1.5.3 and possibly other products, allows physically proximate
  attackers to execute arbitrary code via a smart card with a crafted
  serial number that causes a negative value to be used in a memcpy
  operation, which triggers a buffer overflow.  NOTE: some sources
  refer to this issue as an integer overflow.
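
Added illustration, not part of the bug thread and not the ccid driver's source: the bug class described in Comment 8, a device-supplied length held in a signed integer and checked only against an upper bound before it reaches memcpy, next to a bounds-checked form. The 10-byte header with a little-endian length at offset 1, the function names and the sample frames are assumptions constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HDR_LEN 10  /* assumed header size; 32-bit LE length at offset 1 */
/* Read a 32-bit little-endian value from device-supplied bytes. */
static uint32_t le32(const unsigned char *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Flawed pattern: signed length, upper bound only. Returns the size a
 * following memcpy would receive (0 if rejected); it performs no copy. */
size_t flawed_copy_size(const unsigned char *frame, size_t dst_cap)
{
    int to_read = (int)le32(frame + 1);  /* 0xFFFFFFF0 becomes -16 */
    if (to_read > (int)dst_cap)          /* e.g. -16 > 64 is false: accepted */
        return 0;
    return (size_t)to_read;              /* -16 converts to a huge size_t */
}

/* Hardened pattern: unsigned length, bounded by the bytes received and by
 * the destination capacity before the copy. Returns 0, or -1 if rejected. */
int checked_copy(unsigned char *dst, size_t dst_cap,
                 const unsigned char *frame, size_t frame_len, size_t *copied)
{
    if (frame_len < HDR_LEN)
        return -1;
    uint32_t payload = le32(frame + 1);
    if (payload > frame_len - HDR_LEN || payload > dst_cap)
        return -1;
    memcpy(dst, frame + HDR_LEN, payload);
    *copied = payload;
    return 0;
}

/* Constructed sample frames, not captured from a real reader. */
static const unsigned char good_frame[] = { 0x80, 4, 0, 0, 0, 0, 0, 0, 0, 0, 'A', 'B', 'C', 'D' };
static const unsigned char bad_frame[] = { 0x80, 0xF0, 0xFF, 0xFF, 0xFF, 0, 0, 0, 0, 0, 'A', 'B', 'C', 'D' };

int main(void)
{
    unsigned char dst[64];
    size_t n = 0;
    printf("flawed size for bad frame: %zu\n", flawed_copy_size(bad_frame, sizeof dst));
    printf("checked: %d\n", checked_copy(dst, sizeof dst, bad_frame, sizeof bad_frame, &n));
    return 0;
}
```

The flawed function only reports the size it would hand to memcpy, so the example can be run safely; the checked function rejects the same frame before any copy happens.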

Comment 9 Alon Bar-Lev (RETIRED) gentoo-dev 2012-12-15 23:48:38 UTC
security: is there any reason why this is still open?
Comment 10 GLSAMaker/CVETool Bot gentoo-dev 2014-01-21 17:51:15 UTC
This issue was resolved and addressed in
 GLSA 201401-16 at http://security.gentoo.org/glsa/glsa-201401-16.xml
by GLSA coordinator Sean Amoss (ackle).