Bug 1158305 - (CVE-2019-19481) VUL-1: CVE-2019-19481: opensc: improper handling of buffer limits for CAC certificates
(CVE-2019-19481)
VUL-1: CVE-2019-19481: opensc: improper handling of buffer limits for CAC cer...
Status: IN_PROGRESS
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P4 - Low : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/248188/
CVSSv3.1:SUSE:CVE-2019-19481:4.4:(AV:...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2019-12-03 14:17 UTC by Alexandros Toptsoglou
Modified: 2022-03-30 19:28 UTC (History)
1 user (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Alexandros Toptsoglou 2019-12-03 14:17:56 UTC
CVE-2019-19481

An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/card-cac1.c mishandles buffer limits for CAC certificates.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-19481
http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19481.html
Comment 1 Alexandros Toptsoglou 2019-12-03 14:20:40 UTC
Only SLE15 with version 0.18 is affected. The issue introduced in version 0.17, then the affected code removed in 0.19 (version of SLE15-SP1) and re-introduced in version 0.20.

The fix is available at [0]. Additional information that I do not have access yet at [1].

[0]https://github.com/OpenSC/OpenSC/commit/b75c002cfb1fd61cd20ec938ff4937d7b1a94278
[1]https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18618
Comment 3 Jason Sikes 2021-03-22 18:22:02 UTC
|   issue | stream             | patch                              | request |
|---------+--------------------+------------------------------------+---------|
| 1158305 | SUSE:SLE-15:Update | opensc-0_18_0-CVE-2019-19481.patch |  238394 |
Comment 9 Swamp Workflow Management 2022-03-30 19:28:23 UTC
SUSE-SU-2022:1041-1: An update that solves 13 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1114649,1122756,1149746,1149747,1158256,1158305,1170809,1177364,1177378,1177380,1191957,1191992,1192000,1192005
CVE References: CVE-2019-15945,CVE-2019-15946,CVE-2019-19479,CVE-2019-19481,CVE-2019-20792,CVE-2019-6502,CVE-2020-26570,CVE-2020-26571,CVE-2020-26572,CVE-2021-42779,CVE-2021-42780,CVE-2021-42781,CVE-2021-42782
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    opensc-0.18.0-150000.3.23.1
SUSE Linux Enterprise Server 15-LTSS (src):    opensc-0.18.0-150000.3.23.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    opensc-0.18.0-150000.3.23.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    opensc-0.18.0-150000.3.23.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.