OSV-2023-1276

Import Source

JSON Data

https://api.osv.dev/v1/vulns/OSV-2023-1276

Published

2023-12-10T00:04:07.333337Z

Modified

2023-12-10T00:04:07.333792Z

Summary

Heap-use-after-free in authentic_emu_update_tokeninfo

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64898

Crash type: Heap-use-after-free READ 8
Crash state:
authentic_emu_update_tokeninfo
sc_pkcs15init_update_tokeninfo
sc_pkcs15init_update_lastupdate

References

Affected packages

Type: GIT
Repo: https://github.com/OpenSC/OpenSC
Events: Introduced

6d1fcd9cf82c6501089898066656fbe6737f3ced

Fixed

5835f0d4f6c033bd58806d33fa546908d39825c9

0.24.0

{
    "severity": "HIGH"
}