CVE-2023-2977 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Project Opensc

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125 — Out-of-bounds Read10 documents8 sources

Severity

7.1HIGHNVD

EPSS

0.0%

top 93.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Opensc Project Opensc Redhat Enterprise Linux

Timeline

PublishedJun 1

Latest updateSep 16

Description

A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package. The attacker can supply a smart card package with malformed ASN1 context. The cardos_have_verifyrc_package function scans the ASN1 buffer for 2 tags, where remaining length is wrongly caculated due to moved starting pointer. This leads to possible heap-based buffer oob read. In cases where ASAN is enabled while compiling this causes a crash. Further info leak or mor…

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages3 packages

▶Debianopensc_project/opensc< 0.21.0-1+deb11u1+3

▶CVEListV5opensc_project/openscopensc-0.23.0

▶NVDopensc_project/opensc0.23.0

Also affects: Enterprise Linux 8.0, 9.0

Patches

Patch: github.com ↗Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-p22r-5f28-437x: A vulnerbility was found in OpenSC↗2023-06-01

▶

OSV

CVE-2023-2977: A vulnerbility was found in OpenSC↗2023-06-01

▶

CVEList

CVE-2023-2977: A vulnerbility was found in OpenSC↗2023-06-01

▶

📋Vendor Advisories

Red Hat

kernel: net: fix net_dev_start_xmit trace event vs skb_transport_offset()↗2025-09-16

▶

Ubuntu

OpenSC vulnerabilities↗2025-04-09

▶

Ubuntu

OpenSC vulnerabilities↗2025-03-12

▶

Microsoft

▶

Red Hat

opensc: buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package↗2023-05-30

▶