Bug 1214591 (CVE-2021-34193) - VUL-0: CVE-2021-34193: opensc: stack overflow via crafted responses to APDUs
Status: RESOLVED INVALID
Alias: CVE-2021-34193
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Version: unspecified
Hardware: Other Other
Importance: P3 - Medium : Normal
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/376006/
Whiteboard: CVSSv3.1:SUSE:CVE-2021-34193:4.3:(AV:...
Reported: 2023-08-24 15:17 UTC by Alexander Bergmann
Modified: 2023-11-08 10:23 UTC
Found By: Security Response Team


Comment 1 Alexander Bergmann 2023-08-24 15:22:19 UTC
Question to upstream about the situation:

https://github.com/OpenSC/OpenSC/issues/2841

Comment 2 Otto Hollmann 2023-09-04 14:06:13 UTC
As discussed upstream, this issue is a duplicate of the following CVEs:
CVE-2021-42778 opensc: Heap double free in sc_pkcs15_free_tokeninfo
CVE-2021-42779 opensc: Heap use after free in sc_file_valid
CVE-2021-42780 opensc: Use after return in insert_pin function
CVE-2021-42781 opensc: Heap buffer overflow in pkcs15-oberthur.c
CVE-2021-42782 opensc: Stack buffer overflow issues in various places

All of them are already fixed in our codestreams, so I suggest closing this issue as invalid.

Upstream comment:
> https://github.com/OpenSC/OpenSC/issues/2841#issuecomment-1700853357