First published: Fri Sep 06 2019(Updated: )
An issue was discovered in the pam_p11 component 0.2.0 and 0.3.0 for OpenSC. If a smart card creates a signature with a length longer than 256 bytes, this triggers a buffer overflow. This may be the case for RSA keys with 4096 bits depending on the signature scheme.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
OpenSC Project pam_p11 | =0.2.0 | Apply the fix commit linked below, or upgrade to a pam_p11 release that contains it |
OpenSC Project pam_p11 | =0.3.0 | Apply the fix commit linked below, or upgrade to a pam_p11 release that contains it |
CVE-2019-16058 is a vulnerability in the pam_p11 component for OpenSC that allows for a buffer overflow when a smart card creates a signature with a length longer than 256 bytes.
If you are using pam_p11 version 0.2.0 or 0.3.0 (the PAM module from the OpenSC project), the module copies the card's signature into a fixed 256-byte buffer without checking the key size first. An RSA signature is as long as the key modulus, so a 2048-bit key produces exactly 256 bytes and fits, while a 4096-bit key produces 512 bytes and overflows the buffer (the CVE text names 4096-bit keys as the case that depends on the signature scheme). The overflow happens inside the process performing PAM authentication, which is typically privileged, and is triggered by whichever card is presented at login.
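The following is an added, self-contained C model of this bug class; it is not pam_p11's code and does not reproduce the project's fix. The card and its RSA key are simulated (`fake_rsa_key`, `fake_rsa_size`, `fake_rsa_sign` are invented names), and `MAX_SIG_BYTES` is a hypothetical upper bound chosen for the hardened path. The simulated signer keeps the calling convention of OpenSSL's `RSA_sign()`, where `siglen` is an output parameter and the caller must already have supplied `RSA_size()` bytes of buffer, which is exactly the trap a fixed 256-byte array falls into once the key is larger than 2048 bits.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Added example, not pam_p11's code: a model of the bug class behind CVE-2019-16058.
 * The smart card, its RSA key and the signing call are all simulated. */

#define FIXED_SIG_BUF 256      /* the size the vulnerable pattern assumes */
#define MAX_SIG_BYTES 1024     /* hypothetical upper bound enforced by the hardened path */

struct fake_rsa_key { unsigned bits; };   /* stand-in for a key handle on the card */

/* Like OpenSSL's RSA_size(): an RSA signature is as long as the modulus. */
static unsigned fake_rsa_size(const struct fake_rsa_key *k) { return k->bits / 8; }

/* Simulated card signing with the RSA_sign() convention: siglen is an OUTPUT only.
 * The callee writes fake_rsa_size(k) bytes regardless of how large the caller's
 * buffer really is; sizing the buffer is entirely the caller's job. */
static int fake_rsa_sign(const struct fake_rsa_key *k, const uint8_t *challenge, size_t clen,
                         uint8_t *sig, unsigned *siglen)
{
    unsigned n = fake_rsa_size(k);
    if (clen == 0) return 0;
    for (unsigned i = 0; i < n; i++)             /* deterministic filler, not real RSA */
        sig[i] = (uint8_t)(challenge[i % clen] ^ (uint8_t)i);
    *siglen = n;
    return 1;
}

/* Does a key of key_bits overflow a fixed buffer of buf_size bytes? */
int signature_overflows_buffer(unsigned key_bits, size_t buf_size)
{
    return (size_t)(key_bits / 8) > buf_size;
}

/* Vulnerable pattern: 256-byte stack buffer, no check against the key size.
 * A 2048-bit key fits exactly; a 4096-bit key writes 256 bytes past the end.
 * Returns the signature length, or -1 if signing failed. */
int sign_challenge_vulnerable(const struct fake_rsa_key *k, const uint8_t *challenge, size_t clen)
{
    uint8_t signature[FIXED_SIG_BUF];
    unsigned siglen = 0;
    if (fake_rsa_sign(k, challenge, clen, signature, &siglen) != 1)
        return -1;
    return (int)siglen;      /* a real module would verify the signature here */
}

/* Hardened pattern: ask the key its size first, bound it, size the buffer to it.
 * Returns the signature length, -1 if signing failed, -2 if the key is out of bounds. */
int sign_challenge_fixed(const struct fake_rsa_key *k, const uint8_t *challenge, size_t clen)
{
    unsigned need = fake_rsa_size(k);
    if (need == 0 || need > MAX_SIG_BYTES)
        return -2;
    uint8_t *signature = calloc(need, 1);
    if (!signature) return -1;
    unsigned siglen = 0;
    int ok = fake_rsa_sign(k, challenge, clen, signature, &siglen);
    int result = (ok == 1 && siglen == need) ? (int)siglen : -1;
    free(signature);
    return result;
}

/* Convenience wrapper: a constructed (non-random) 30-byte challenge and a key of the given size. */
int sign_with_key_bits(unsigned bits, int hardened)
{
    struct fake_rsa_key k = { bits };
    uint8_t challenge[30];
    for (size_t i = 0; i < sizeof challenge; i++) challenge[i] = (uint8_t)(i + 1);
    return hardened ? sign_challenge_fixed(&k, challenge, sizeof challenge)
                    : sign_challenge_vulnerable(&k, challenge, sizeof challenge);
}

int main(void)
{
    printf("2048-bit key, hardened path: %d bytes\n", sign_with_key_bits(2048, 1));
    printf("4096-bit key, hardened path: %d bytes\n", sign_with_key_bits(4096, 1));
    printf("4096-bit key overflows a %d-byte buffer: %s\n", FIXED_SIG_BUF,
           signature_overflows_buffer(4096, FIXED_SIG_BUF) ? "yes" : "no");
#ifdef DEMO_OVERFLOW
    /* Build with -fsanitize=address -DDEMO_OVERFLOW to watch ASan report the
     * stack-buffer-overflow on the vulnerable path; this is undefined behaviour. */
    sign_with_key_bits(4096, 0);
#endif
    return 0;
}
```

The check that matters is the one the hardened path does before any signing call: query the key size, compare it with what the buffer can hold, and fail closed rather than trust that every card carries a 2048-bit key. The same pattern applies to any PKCS#11 or OpenSSL signing API whose length parameter reports what was written rather than limiting it.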
CVE-2019-16058 has a severity rating of 7.5 (high).
To fix CVE-2019-16058, upgrade pam_p11 (not the OpenSC library itself) to a version that includes the fix commit linked below, or apply that commit to 0.2.0 or 0.3.0.
More information about CVE-2019-16058 is available in the [oss-security announcement](http://www.openwall.com/lists/oss-security/2019/09/12/1) and in the [pam_p11 fix commit](https://github.com/OpenSC/pam_p11/commit/d150b60e1e14c261b113f55681419ad1dfa8a76c).