Published: 04/09/2018 Updated: 11/09/2019

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

CVSS v3 Base Score: 6.6 | Impact Score: 5.9 | Exploitability Score: 0.7

VMScore: 409

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

A double free when handling responses from an HSM Card in sc_pkcs15emu_sc_hsm_init in libopensc/pkcs15-sc-hsm.c in OpenSC prior to 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.

Vulnerable Product	Search on Vulmon	Subscribe to Product
opensc project opensc

Debian Bug report logs - #909444 Minor security issues, CVE-2018-{16391-16393,16418-16427} Package: opensc; Maintainer for opensc is Debian OpenSC Maintainers <pkg-opensc-maint@listsaliothdebianorg>; Source for opensc is src:opensc (PTS, buildd, popcon) Reported by: Eric Dorland <eric@debianorg> Date: Sun, 23 Sep ...

A double free when handling responses from an HSM Card in sc_pkcs15emu_sc_hsm_init in libopensc/pkcs15-sc-hsmc in OpenSC before 0190-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact ...

CWE-415 https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/https://github.com/OpenSC/OpenSC/releases/tag/0.19.0-rc1 https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad#diff-d643a0fa169471dbf2912f4866dc49c5 https://lists.debian.org/debian-lts-announce/2019/09/msg00009.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909444 https://nvd.nist.gov

CVE-2018-16425

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect