opensc: fix CVE-2024-45617 - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Zhang Peng <peng.zhang1.cn@windriver.com>	2025-01-15 15:24:25 +0800
committer	Armin Kuster <akuster808@gmail.com>	2025-01-22 19:28:47 -0500
commit	4fff381a2257edcf6d1119973bc347233dadfdb3 (patch)
tree	7cba0f7f5f37f92c42a63c9218e695d54d921d7f /meta-python/recipes-devtools/python/python-numeric/0001-it-tries-to-define-this-function-differently-than-it.patch
parent	cd6d013e47774cf5b3ced01d7279de64af86c0e7 (diff)
download	meta-openembedded-4fff381a2257edcf6d1119973bc347233dadfdb3.tar.gz

opensc: fix CVE-2024-45617

CVE-2024-45617: A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have not been initialized. Reference: [https://nvd.nist.gov/vuln/detail/CVE-2024-45617] Upstream patches: [https://github.com/OpenSC/OpenSC/commit/fdb9e903eb124b6b18a5a9350a26eceb775585bc] [https://github.com/OpenSC/OpenSC/commit/fdb9e903eb124b6b18a5a9350a26eceb775585bc] [https://github.com/OpenSC/OpenSC/commit/efbc14ffa190e3e0ceecceb479024bb778b0ab68] Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>

Diffstat (limited to 'meta-python/recipes-devtools/python/python-numeric/0001-it-tries-to-define-this-function-differently-than-it.patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: