diff options
| author | Zhang Peng <peng.zhang1.cn@windriver.com> | 2025-01-15 15:24:24 +0800 |
|---|---|---|
| committer | Armin Kuster <akuster808@gmail.com> | 2025-01-22 19:28:43 -0500 |
| commit | cd6d013e47774cf5b3ced01d7279de64af86c0e7 (patch) | |
| tree | c2c4cc3936ad89dbedd17caf287d1f0b94ba40a9 /meta-python/recipes-devtools/python/python-numeric | |
| parent | ecdd64cf489a4892f105cb7ef56da6b4b859166b (diff) | |
| download | meta-openembedded-cd6d013e47774cf5b3ced01d7279de64af86c0e7.tar.gz | |
opensc: fix CVE-2024-45616
CVE-2024-45616:
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK.
An attacker could use a crafted USB Device or Smart Card, which would present the system
with a specially crafted response to APDUs. The following problems were caused by
insufficient control of the response APDU buffer and its length when communicating
with the card.
Reference:
[https://nvd.nist.gov/vuln/detail/CVE-2024-45616]
Upstream patches:
[https://github.com/OpenSC/OpenSC/commit/1d3b410e06d33cfc4c70e8a25386e456cfbd7bd1]
[https://github.com/OpenSC/OpenSC/commit/265b28344d036a462f38002d957a0636fda57614]
[https://github.com/OpenSC/OpenSC/commit/e7177c7ca00200afea820d155dca67f38b232967]
[https://github.com/OpenSC/OpenSC/commit/ef7b10a18e6a4d4f03f0c47ea81aa8136f3eca60]
[https://github.com/OpenSC/OpenSC/commit/76115e34799906a64202df952a8a9915d30bc89d]
[https://github.com/OpenSC/OpenSC/commit/16ada9dc7cddf1cb99516aea67b6752c251c94a2]
[https://github.com/OpenSC/OpenSC/commit/3562969c90a71b0bcce979f0e6d627546073a7fc]
[https://github.com/OpenSC/OpenSC/commit/cccdfc46b10184d1eea62d07fe2b06240b7fafbc]
[https://github.com/OpenSC/OpenSC/commit/5fa758767e517779fc5398b6b4faedc4e36d3de5]
[https://github.com/OpenSC/OpenSC/commit/aa102cd9abe1b0eaf537d9dd926844a46060d8bc]
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta-python/recipes-devtools/python/python-numeric')
0 files changed, 0 insertions, 0 deletions