Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2021-0037)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2021.0037

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2021-0037)

Resumen: The remote host is missing an update for the 'opensc' package(s) announced via the MGASA-2021-0037 advisory.

Descripción: Summary:
The remote host is missing an update for the 'opensc' package(s) announced via the MGASA-2021-0037 advisory.

Vulnerability Insight:
The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a
heap-based buffer overflow in sc_oberthur_read_file (CVE-2020-26570).

The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a
stack-based buffer overflow in sc_pkcs15emu_gemsafeGPK_init (CVE-2020-26571).

The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a
stack-based buffer overflow in tcos_decipher (CVE-2020-26572).

Affected Software/OS:
'opensc' package(s) on Mageia 7.

Solution:
Please install the updated package(s).

CVSS Score:
2.1

CVSS Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2020-26570
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXOHFDMNMO6IDECAGUTB3SJGAGXVRT6S/
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24316
https://github.com/OpenSC/OpenSC/commit/6903aebfddc466d966c7b865fae34572bf3ed23e
https://lists.debian.org/debian-lts-announce/2021/11/msg00027.html
http://www.openwall.com/lists/oss-security/2020/11/24/4
Common Vulnerability Exposure (CVE) ID: CVE-2020-26571
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20612
Common Vulnerability Exposure (CVE) ID: CVE-2020-26572
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22967
https://github.com/OpenSC/OpenSC/commit/9d294de90d1cc66956389856e60b6944b27b4817

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2021.0037
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2021-0037)
Resumen:	The remote host is missing an update for the 'opensc' package(s) announced via the MGASA-2021-0037 advisory.
Descripción:	Summary: The remote host is missing an update for the 'opensc' package(s) announced via the MGASA-2021-0037 advisory. Vulnerability Insight: The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in sc_oberthur_read_file (CVE-2020-26570). The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in sc_pkcs15emu_gemsafeGPK_init (CVE-2020-26571). The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in tcos_decipher (CVE-2020-26572). Affected Software/OS: 'opensc' package(s) on Mageia 7. Solution: Please install the updated package(s). CVSS Score: 2.1 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2020-26570 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXOHFDMNMO6IDECAGUTB3SJGAGXVRT6S/ https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24316 https://github.com/OpenSC/OpenSC/commit/6903aebfddc466d966c7b865fae34572bf3ed23e https://lists.debian.org/debian-lts-announce/2021/11/msg00027.html http://www.openwall.com/lists/oss-security/2020/11/24/4 Common Vulnerability Exposure (CVE) ID: CVE-2020-26571 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20612 Common Vulnerability Exposure (CVE) ID: CVE-2020-26572 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22967 https://github.com/OpenSC/OpenSC/commit/9d294de90d1cc66956389856e60b6944b27b4817
Copyright	Copyright (C) 2022 Greenbone AG