SUSE 15 SP6: SUSE: 2024:3444-1 low: opensc Security Issues

suse

September 25, 2024

* bsc#1217722 * bsc#1230071 * bsc#1230072 * bsc#1230073 * bsc#1230074

Summary

## This update for opensc fixes the following issues: * CVE-2024-45620: Incorrect handling of the length of buffers or files in pkcs15init. (bsc#1230076) * CVE-2024-45619: Incorrect handling length of buffers or files in libopensc. (bsc#1230075) * CVE-2024-45618: Uninitialized values after incorrect or missing checking return values of functions in pkcs15init. (bsc#1230074) * CVE-2024-45617: Uninitialized values after incorrect or missing checking return values of functions in libopensc. (bsc#1230073) * CVE-2024-45616: Uninitialized values after incorrect check or usage of APDU response values in libopensc. (bsc#1230072) * CVE-2024-45615: Usage of uninitialized values in libopensc and pkcs15init. (bsc#1230071) * CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating key.

Topics Covered

security advisory security issue low severity SUSE opensc

References

* bsc#1217722

* bsc#1230071

* bsc#1230072

* bsc#1230073

* bsc#1230074

* bsc#1230075

* bsc#1230076

* bsc#1230364

Cross-

* CVE-2024-45615

* CVE-2024-45616

* CVE-2024-45617

* CVE-2024-45618

* CVE-2024-45619

* CVE-2024-45620

* CVE-2024-8443

CVSS scores:

* CVE-2024-45615 ( SUSE ): 1.0

CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

* CVE-2024-45615 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

* CVE-2024-45615 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

* CVE-2024-45616 ( SUSE ): 1.0

CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

* CVE-2024-45616 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Severity

low

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2024:3444-1

Rating: low

Topics Covered

security advisory security issue low severity SUSE opensc

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE 15 SP6: SUSE: 2024:3444-1 low: opensc Security Issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE 15 SP6: SUSE: 2024:3444-1 low: opensc Security Issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!