Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 754
Alerts This Week
Warning Icon 1 754

SUSE Linux Micro 6.1: OpenSC Moderate Security Fix for 2025:20671-1

suse
Calendar Grey September 10, 2025
Dist Suse Esm H88
SUSE has released a Security Update for OpenSC, which tackles several issues with a moderate severity classification. Included are vital patches.
* bsc#1219386 * bsc#1230071 * bsc#1230072 * bsc#1230073 * bsc#1230074

Summary

## This update for opensc fixes the following issues: * CVE-2023-5992: Side-channel leaks while stripping encryption PKCS#1 padding (bsc#1219386). * CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating key (bsc#1230364). * CVE-2024-45620: Incorrect handling of the length of buffers or files in pkcs15init (bsc#1230076). * CVE-2024-45619: Incorrect handling length of buffers or files in libopensc (bsc#1230075). * CVE-2024-45618: Uninitialized values after incorrect or missing checking return values of functions in pkcs15init (bsc#1230074). * CVE-2024-45617: Uninitialized values after incorrect or missing checking return values of functions in libopensc (bsc#1230073). * CVE-2024-45616: Uninitialized values after incorrect check or usage of APDU

References

* bsc#1219386

* bsc#1230071

* bsc#1230072

* bsc#1230073

* bsc#1230074

* bsc#1230075

* bsc#1230076

* bsc#1230364

Cross-

* CVE-2023-5992

* CVE-2024-45615

* CVE-2024-45616

* CVE-2024-45617

* CVE-2024-45618

* CVE-2024-45619

* CVE-2024-45620

* CVE-2024-8443

CVSS scores:

* CVE-2023-5992 ( SUSE ): 4.1

CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

* CVE-2023-5992 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N

* CVE-2023-5992 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

* CVE-2023-5992 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

* CVE-2024-45615 ( SUSE ): 1.0

CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

* CVE-2024-45615 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Announcement ID: SUSE-SU-2025:20671-1
Release Date: 2025-09-05T12:16:07Z
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.