CVE-2023-2977: A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package. The attacker can supply a smart card package with malformed ASN1 context. The cardos_have_verifyrc_package function scans the ASN1 buffer for 2 tags, where remaining length is wrongly caculated due to moved starting pointer. This leads to possible heap-based buffer oob read. In cases where ASAN is enabled while compiling this causes a crash. Further info leak or more damage is possible. Patch: https://github.com/OpenSC/OpenSC/commit/81944d1529202bd28359bede57c0a15deb65ba8a
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cc922f70f70016cf7fd197a8f492e654e0556f50 commit cc922f70f70016cf7fd197a8f492e654e0556f50 Author: David Seifert <soap@gentoo.org> AuthorDate: 2023-06-10 19:06:40 +0000 Commit: David Seifert <soap@gentoo.org> CommitDate: 2023-06-10 19:06:40 +0000 dev-libs/opensc: add patch for CVE-2023-2977 Bug: https://bugs.gentoo.org/907930 Signed-off-by: David Seifert <soap@gentoo.org> .../opensc/files/opensc-0.23.0-CVE-2023-2977.patch | 49 +++++++++++++ dev-libs/opensc/opensc-0.23.0-r1.ebuild | 83 ++++++++++++++++++++++ 2 files changed, 132 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=09bf61ced9f91e8460b2227f15b2256618ffaf29 commit 09bf61ced9f91e8460b2227f15b2256618ffaf29 Author: David Seifert <soap@gentoo.org> AuthorDate: 2024-05-27 08:16:39 +0000 Commit: David Seifert <soap@gentoo.org> CommitDate: 2024-05-27 08:16:39 +0000 dev-libs/opensc: drop 0.24.0, 0.25.0, 0.25.0-r1 Bug: https://bugs.gentoo.org/907930 Bug: https://bugs.gentoo.org/917651 Signed-off-by: David Seifert <soap@gentoo.org> dev-libs/opensc/Manifest | 2 - dev-libs/opensc/opensc-0.24.0.ebuild | 76 ---------------------------- dev-libs/opensc/opensc-0.25.0-r1.ebuild | 87 --------------------------------- dev-libs/opensc/opensc-0.25.0.ebuild | 76 ---------------------------- 4 files changed, 241 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=23be12cfae2d9da48f019359f136da5eee02793b commit 23be12cfae2d9da48f019359f136da5eee02793b Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-12-11 08:39:14 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-12-11 08:39:25 +0000 [ GLSA 202412-15 ] OpenSC: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/907930 Bug: https://bugs.gentoo.org/917651 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202412-15.xml | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+)