Debian dla-3668 : opensc - security update

medium Nessus Plugin ID 186290

Synopsis

The remote Debian host is missing one or more security-related updates.

Description

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3668 advisory.

-------------------------------------------------------------------------
Debian LTS Advisory DLA-3668-1
https://www.debian.org/lts/security/
Guilhem Moulin
November 27, 2023
https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : opensc
Version : 0.19.0-1+deb10u3
CVE ID : CVE-2023-40660 CVE-2023-40661
Debian Bug : 1055521 1055522

Vulnerabilities were found in opensc, a set of libraries and utilities to access smart cards, which could lead to application crash or PIN bypass.

CVE-2023-40660

When the token/card was plugged into the computer and authenticated from one process, it could be used to provide cryptographic operations from a different process when an empty, zero-length PIN is supplied and the token can track the login status using some of its internals. This is dangerous for OS logon/screen unlock and for small tokens that are permanently plugged into the computer.

The bypass was removed and explicit logout implemented for most of the card drivers to prevent leaving unattended logged-in tokens.

CVE-2023-40661

This advisory summarizes security-relevant issues in pkcs15-init that were automatically reported by dynamic analyzers.

* stack buffer overflow in sc_pkcs15_get_lastupdate() in pkcs15init;
* heap buffer overflow in setcos_create_key() in pkcs15init;
* heap buffer overflow in cosm_new_file() in pkcs15init;
* stack buffer overflow in cflex_delete_file() in pkcs15init;
* heap buffer overflow in sc_hsm_write_ef() in pkcs15init;
* stack buffer overflow while parsing pkcs15 profile files;
* stack buffer overflow in muscle driver in pkcs15init; and
* stack buffer overflow in cardos driver in pkcs15init.

All of these require physical access to the computer at the time a user or administrator is enrolling cards (generating keys, loading certificates, and other card/token management operations).
The attack requires a crafted USB device or smart card that presents the system with specially crafted responses to the APDUs, so these issues are considered high-complexity and low-severity. This issue is not exploitable just by using a PKCS#11 module, as is done in most end-user deployments.

For Debian 10 buster, these problems have been fixed in version 0.19.0-1+deb10u3.

We recommend that you upgrade your opensc packages.

For the detailed security status of opensc please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/opensc

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the opensc packages.

See Also

https://security-tracker.debian.org/tracker/source-package/opensc

https://security-tracker.debian.org/tracker/CVE-2023-40660

https://security-tracker.debian.org/tracker/CVE-2023-40661

https://packages.debian.org/source/buster/opensc

Plugin Details

Severity: Medium

ID: 186290

File Name: debian_DLA-3668.nasl

Version: 1.1

Type: local

Agent: unix

Published: 11/27/2023

Updated: 1/22/2025

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2023-40660

CVSS v3

Risk Factor: Medium

Base Score: 6.6

Temporal Score: 5.8

Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:debian:debian_linux:10.0, p-cpe:/a:debian:debian_linux:opensc, p-cpe:/a:debian:debian_linux:opensc-pkcs11

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Ease: No known exploits are available

Patch Publication Date: 11/27/2023

Vulnerability Publication Date: 10/30/2023

Reference Information

CVE: CVE-2023-40660, CVE-2023-40661