diff options
author | Guilhem Moulin <guilhem@debian.org> | 2023-11-27 02:12:45 +0100 |
---|---|---|
committer | Guilhem Moulin <guilhem@debian.org> | 2023-11-27 02:14:29 +0100 |
commit | 0c829788573189c2286656ccf61d10f0231bf00f (patch) | |
tree | 7cc94ee9256fd6092e16082288e0d58709f8451e /english/lts | |
parent | 31179cd4c24783ad864340c717a58d8618cdf073 (diff) |
DLA-3668-1 for opensc
Diffstat (limited to 'english/lts')
-rw-r--r-- | english/lts/security/2023/dla-3668.data | 10 | ||||
-rw-r--r-- | english/lts/security/2023/dla-3668.wml | 64 |
2 files changed, 74 insertions, 0 deletions
diff --git a/english/lts/security/2023/dla-3668.data b/english/lts/security/2023/dla-3668.data new file mode 100644 index 00000000000..3b043093ad6 --- /dev/null +++ b/english/lts/security/2023/dla-3668.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-3668-1 opensc</define-tag> +<define-tag report_date>2023-11-27</define-tag> +<define-tag secrefs>CVE-2023-40660 CVE-2023-40661 Bug#1055521 Bug#1055522</define-tag> +<define-tag packages>opensc</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2023/dla-3668.wml b/english/lts/security/2023/dla-3668.wml new file mode 100644 index 00000000000..9598389f446 --- /dev/null +++ b/english/lts/security/2023/dla-3668.wml @@ -0,0 +1,64 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> +<p>Vulnerabilities were found in opensc, a set of libraries and utilities +to access smart cards, which could lead to application crash or +authentication bypass.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2023-40660">CVE-2023-40660</a> + + <p>When the token/card was plugged into the computer and authenticated + from one process, it could be used to provide cryptographic + operations from different process when the empty, zero-length PIN + and the token can track the login status using some of its + internals. This is dangerous for OS logon/screen unlock and small + tokens that are plugged permanently to the computer.</p> + + <p>The bypass was removed and explicit logout implemented for most of + the card drivers to prevent leaving unattended logged-in tokens.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2023-40661">CVE-2023-40661</a> + + <p>This advisory summarizes automatically reported issues from dynamic + analyzers reports in pkcs15-init that are security relevant.</p> + + <p><ul> + <li>stack buffer overflow in <code>sc_pkcs15_get_lastupdate()</code> in pkcs15init;</li> + <li> heap buffer overflow in <code>setcos_create_key()</code> in pkcs15init;</li> + <li> heap buffer overflow in <code>cosm_new_file()</code> in pkcs15init;</li> + <li> stack buffer overflow in <code>cflex_delete_file()</code> in pkcs15init;</li> + <li> heap buffer overflow in <code>sc_hsm_write_ef()</code> in pkcs15init;</li> + <li> stack buffer overflow while parsing pkcs15 profile files;</li> + <li> stack buffer overflow in muscle driver in pkcs15init; and</li> + <li> stack buffer overflow in cardos driver in pkcs15init.</li> + </ul></p> + + <p>All of these require physical access to the computer at the time + user or administrator would be enrolling the cards (generating keys + and loading certificates, other card/token management) operations. + The attack requires crafted USB device or smart card that would + present the system with specially crafted responses to the APDUs so + they are considered a high-complexity and low-severity. This issue + is not exploitable just by using a PKCS#11 module as done in most of + the end-user deployments.</p></li> + +</ul> + +<p>For Debian 10 buster, these problems have been fixed in version +0.19.0-1+deb10u3.</p> + +<p>We recommend that you upgrade your opensc packages.</p> + +<p>For the detailed security status of opensc please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/opensc">https://security-tracker.debian.org/tracker/opensc</a></p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2023/dla-3668.data" +# $Id: $ |