opensc: fix CVE-2024-45620 - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	Zhang Peng <peng.zhang1.cn@windriver.com>	2025-01-15 15:24:28 +0800
committer	Armin Kuster <akuster808@gmail.com>	2025-01-22 19:28:56 -0500
commit	c028b3652715600a0bed43314c4f1b53d7e0181e (patch)
tree	4b63677a7015bad9a15c1ae88f3c0fc257930c44 /meta-python/recipes-devtools/python/python-numeric/0001-it-tries-to-define-this-function-differently-than-it.patch
parent	d51c6495e018725479b08968eef6436a4ec2433d (diff)
download	meta-openembedded-c028b3652715600a0bed43314c4f1b53d7e0181e.tar.gz

opensc: fix CVE-2024-45620

CVE-2024-45620: A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed. Reference: [https://nvd.nist.gov/vuln/detail/CVE-2024-45620] Upstream patches: [https://github.com/OpenSC/OpenSC/commit/a1bcc6516f43d570899820d259b71c53f8049168] [https://github.com/OpenSC/OpenSC/commit/6baa19596598169d652659863470a60c5ed79ecd] [https://github.com/OpenSC/OpenSC/commit/468a314d76b26f724a551f2eb339dd17c856cf18] Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>

Diffstat (limited to 'meta-python/recipes-devtools/python/python-numeric/0001-it-tries-to-define-this-function-differently-than-it.patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: