Explore top 10 tips to secure your open-source projects now. Read More
×
## This update for opensc fixes the following issues: * CVE-2023-5992: Side-channel leaks while stripping encryption PKCS#1 padding (bsc#1219386). * CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating key (bsc#1230364). * CVE-2024-45620: Incorrect handling of the length of buffers or files in pkcs15init (bsc#1230076). * CVE-2024-45619: Incorrect handling length of buffers or files in libopensc (bsc#1230075). * CVE-2024-45618: Uninitialized values after incorrect or missing checking return values of functions in pkcs15init (bsc#1230074). * CVE-2024-45617: Uninitialized values after incorrect or missing checking return values of functions in libopensc (bsc#1230073). * CVE-2024-45616: Uninitialized values after incorrect check or usage of APDU
* bsc#1219386
* bsc#1230071
* bsc#1230072
* bsc#1230073
* bsc#1230074
* bsc#1230075
* bsc#1230076
* bsc#1230364
Cross-
* CVE-2023-5992
* CVE-2024-45615
* CVE-2024-45616
* CVE-2024-45617
* CVE-2024-45618
* CVE-2024-45619
* CVE-2024-45620
* CVE-2024-8443
CVSS scores:
* CVE-2023-5992 ( SUSE ): 4.1
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2023-5992 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N
* CVE-2023-5992 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-5992 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2024-45615 ( SUSE ): 1.0
CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2024-45615 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Get the latest Linux and open source security news straight to your inbox.