Explore top 10 tips to secure your open-source projects now. Read More
×
PCSC-Lite could be made to crash or run programs if it accessed a special
smart card.
Software Description:
- pcsc-lite: Middleware to access a smart card using PC/SC (development files)
Details:
Rafael Dominguez Vega discovered that PCSC-Lite incorrectly handled smart
cards with malformed ATR messages. An attacker having physical access
could exploit this with a special smart card and cause a denial of service
or execute arbitrary code.
The problem can be corrected by updating your system to the following package versions: Ubuntu 10.10: libpcsclite1 1.5.5-3ubuntu2.1 Ubuntu 10.04 LTS: libpcsclite1 1.5.3-1ubuntu4.2 Ubuntu 9.10: libpcsclite1 1.5.3-1ubuntu1.2 After a standard system update you need to restart smart card applications to make all the necessary changes.
CVE-2010-4531
Get the latest Linux and open source security news straight to your inbox.