Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 349559 (CVE-2010-4530) - <app-crypt/ccid-1.4.1-r1: Integer Overflow Vulnerability (CVE-2010-4530)
Summary: <app-crypt/ccid-1.4.1-r1: Integer Overflow Vulnerability (CVE-2010-4530)
Status: RESOLVED FIXED
Alias: CVE-2010-4530
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High major (vote)
Assignee: Gentoo Security
URL: http://lists.alioth.debian.org/piperm...
Whiteboard: B1 [glsa]
Keywords:
Depends on:
Blocks: CVE-2010-4531
  Show dependency tree
 
Reported: 2010-12-24 03:50 UTC by Tim Sammut (RETIRED)
Modified: 2014-01-21 17:51 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Tim Sammut (RETIRED) gentoo-dev 2010-12-24 03:50:32 UTC
According to a posting to the oss-security mailing list, http://www.openwall.com/lists/oss-security/2010/12/22/7, this integer overflow could be exploited by a local attacker to execute arbitrary code. There appear to be two relevant upstream commits at:

http://lists.alioth.debian.org/pipermail/pcsclite-cvs-commit/2010-November/004934.html
http://lists.alioth.debian.org/pipermail/pcsclite-cvs-commit/2010-November/004935.html

I believe these are fixed in app-crypt/ccid-1.4.1-r1, which is already in the tree. So unless @crypto objects, we will stabilize that.

Arches, please test and mark stable:
=app-crypt/ccid-1.4.1-r1
Target keywords : "amd64 hppa ppc ppc64 x86"
Comment 1 Tim Sammut (RETIRED) gentoo-dev 2010-12-25 07:29:07 UTC
Reverting stabilization request. 

@crypto, please let us know if this can go stable. Thanks!
Comment 2 Tim Sammut (RETIRED) gentoo-dev 2010-12-28 16:49:53 UTC
Arches, please test and mark stable:
=app-crypt/ccid-1.4.1-r1
Target keywords : "amd64 hppa ppc ppc64 x86"

This must be stabilized with:

sys-apps/pcsc-lite-1.6.6 in bug 349561
dev-libs/opensc-0.11.13-r2 in bug 349567
net-misc/rdesktop-1.6.0-r4 in bug 349835
Comment 3 Markos Chandras (RETIRED) gentoo-dev 2010-12-29 10:35:24 UTC
amd64 done
Comment 4 Jeroen Roovers gentoo-dev 2010-12-29 14:26:56 UTC
Stable for HPPA PPC.
Comment 5 Thomas Kahle (RETIRED) gentoo-dev 2010-12-29 17:40:43 UTC
x86 done.
Comment 6 Kacper Kowalik (Xarthisius) (RETIRED) gentoo-dev 2011-01-10 11:11:32 UTC
ppc64 stable, last arch done
Comment 7 Tim Sammut (RETIRED) gentoo-dev 2011-01-10 18:25:48 UTC
Thanks, folks. GLSA request filed.
Comment 8 Stefan Behte (RETIRED) gentoo-dev Security 2011-01-21 11:16:23 UTC
CVE-2010-4530 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4530):
  Signedness error in ccid_serial.c in libccid in the USB Chip/Smart
  Card Interface Devices (CCID) driver, as used in pcscd in PCSC-Lite
  1.5.3 and possibly other products, allows physically proximate
  attackers to execute arbitrary code via a smart card with a crafted
  serial number that causes a negative value to be used in a memcpy
  operation, which triggers a buffer overflow.  NOTE: some sources
  refer to this issue as an integer overflow.

Comment 9 Alon Bar-Lev gentoo-dev 2012-12-15 23:48:38 UTC
security: is there any reason why this still opened?
Comment 10 GLSAMaker/CVETool Bot gentoo-dev 2014-01-21 17:51:15 UTC
This issue was resolved and addressed in
 GLSA 201401-16 at http://security.gentoo.org/glsa/glsa-201401-16.xml
by GLSA coordinator Sean Amoss (ackle).