OSV-2022-801

Import Source

JSON Data

https://api.osv.dev/v1/vulns/OSV-2022-801

Published

2022-08-29T00:00:46.332913Z

Modified

2022-08-29T00:00:46.333151Z

Summary

Stack-buffer-overflow in sc_hsm_decode_ecdsa_signature

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50683

Crash type: Stack-buffer-overflow WRITE {*}
Crash state:
sc_hsm_decode_ecdsa_signature
sc_hsm_compute_signature
sc_compute_signature

References

Affected packages

Type: GIT
Repo: https://github.com/OpenSC/OpenSC
Events: Introduced

df1b854ae4cf9aa7421c87670e489fe8fca953a7

Fixed

581b93543abbeda6c17a5da11e2cf82401824bef

0.23.0-rc1

{
    "severity": "HIGH"
}