Bug 1107033 (CVE-2018-16427)

Summary: VUL-1: CVE-2018-16427: opensc: out of bounds reads when handling responses in OpenSC
Product: [Novell Products] SUSE Security Incidents Reporter: Alexander Bergmann <abergmann>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P4 - Low CC: abergmann, astieger, mmachova, smash_bz
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/213702/
Whiteboard: CVSSv3:SUSE:CVE-2018-16427:4.6:(AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) CVSSv3:RedHat:CVE-2018-16427:4.3:(AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) maint:released:sle10-sp3:64159 CVSSv2:NVD:CVE-2018-16427:2.1:(AV:L/AC:L/Au:N/C:N/I:N/A:P) CVSSv3:NVD:CVE-2018-16427:4.3:(AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Alexander Bergmann 2018-09-04 09:27:23 UTC 
CVE-2018-16427

Various out of bounds reads when handling responses in OpenSC before 0.19.0-rc1
could be used by attackers able to supply crafted smartcards to potentially
crash the opensc library using programs.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-16427
https://github.com/OpenSC/OpenSC/pull/1447/commits/8fe377e93b4b56060e5bbfb6f3142ceaeca744fa
Comment 1 Marcus Meissner 2018-10-02 12:09:17 UTC 
reassign to (new/old) maitnainer
Comment 8 Swamp Workflow Management 2018-10-16 13:23:06 UTC 
An update workflow for this issue was started.
This issue was rated as moderate.
Please submit fixed packages until 2018-10-30.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/64158
Comment 9 Swamp Workflow Management 2018-11-05 20:10:33 UTC 
SUSE-SU-2018:3621-1: An update that solves 8 vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1104812,1106998,1106999,1107033,1107037,1107038,1107039,1107107,1108318
CVE References: CVE-2018-16391,CVE-2018-16392,CVE-2018-16393,CVE-2018-16418,CVE-2018-16419,CVE-2018-16422,CVE-2018-16423,CVE-2018-16427
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    opensc-0.11.6-5.27.3.1
SUSE Linux Enterprise Server 11-SP4 (src):    opensc-0.11.6-5.27.3.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    opensc-0.11.6-5.27.3.1
Comment 10 Swamp Workflow Management 2018-11-05 20:12:08 UTC 
SUSE-SU-2018:3622-1: An update that solves 10 vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1104812,1106998,1106999,1107033,1107034,1107037,1107038,1107039,1107097,1107107,1108318
CVE References: CVE-2018-16391,CVE-2018-16392,CVE-2018-16393,CVE-2018-16418,CVE-2018-16419,CVE-2018-16420,CVE-2018-16422,CVE-2018-16423,CVE-2018-16426,CVE-2018-16427
Sources used:
SUSE Linux Enterprise Server 12-SP3 (src):    opensc-0.13.0-3.3.2
SUSE Linux Enterprise Desktop 12-SP3 (src):    opensc-0.13.0-3.3.2
Comment 11 Swamp Workflow Management 2018-11-05 20:18:20 UTC 
SUSE-SU-2018:3629-1: An update that solves 13 vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1104812,1106998,1106999,1107033,1107034,1107035,1107036,1107037,1107038,1107039,1107049,1107097,1107107,1108318
CVE References: CVE-2018-16391,CVE-2018-16392,CVE-2018-16393,CVE-2018-16418,CVE-2018-16419,CVE-2018-16420,CVE-2018-16421,CVE-2018-16422,CVE-2018-16423,CVE-2018-16424,CVE-2018-16425,CVE-2018-16426,CVE-2018-16427
Sources used:
SUSE Linux Enterprise Module for Basesystem 15 (src):    opensc-0.18.0-3.8.1
Comment 12 Andreas Stieger 2018-11-09 20:14:27 UTC 
done
Comment 13 Swamp Workflow Management 2018-11-09 23:18:08 UTC 
openSUSE-SU-2018:3701-1: An update that solves 10 vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1104812,1106998,1106999,1107033,1107034,1107037,1107038,1107039,1107097,1107107,1108318
CVE References: CVE-2018-16391,CVE-2018-16392,CVE-2018-16393,CVE-2018-16418,CVE-2018-16419,CVE-2018-16420,CVE-2018-16422,CVE-2018-16423,CVE-2018-16426,CVE-2018-16427
Sources used:
openSUSE Leap 42.3 (src):    opensc-0.13.0-9.3.1
Comment 14 Swamp Workflow Management 2018-11-09 23:28:03 UTC 
openSUSE-SU-2018:3716-1: An update that solves 13 vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1104812,1106998,1106999,1107033,1107034,1107035,1107036,1107037,1107038,1107039,1107049,1107097,1107107,1108318
CVE References: CVE-2018-16391,CVE-2018-16392,CVE-2018-16393,CVE-2018-16418,CVE-2018-16419,CVE-2018-16420,CVE-2018-16421,CVE-2018-16422,CVE-2018-16423,CVE-2018-16424,CVE-2018-16425,CVE-2018-16426,CVE-2018-16427
Sources used:
openSUSE Leap 15.0 (src):    opensc-0.18.0-lp150.2.9.1
Comment 15 Swamp Workflow Management 2018-12-10 17:14:42 UTC 
SUSE-SU-2018:3622-2: An update that solves 10 vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1104812,1106998,1106999,1107033,1107034,1107037,1107038,1107039,1107097,1107107,1108318
CVE References: CVE-2018-16391,CVE-2018-16392,CVE-2018-16393,CVE-2018-16418,CVE-2018-16419,CVE-2018-16420,CVE-2018-16422,CVE-2018-16423,CVE-2018-16426,CVE-2018-16427
Sources used:
SUSE Linux Enterprise Server 12-SP4 (src):    opensc-0.13.0-3.3.2
SUSE Linux Enterprise Desktop 12-SP4 (src):    opensc-0.13.0-3.3.2