OSV-2023-578

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/opensc/OSV-2023-578.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2023-578
Published
2023-07-17T14:00:32.356018Z
Modified
2023-07-17T14:00:32.356264Z
Summary
Heap-buffer-overflow in cosm_new_file
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=60650

Crash type: Heap-buffer-overflow READ 1
Crash state:
cosm_new_file
cosm_create_key
sc_pkcs15init_generate_key
References

Affected packages

OSS-Fuzz / opensc

Package

Name
opensc
Purl
pkg:generic/opensc

Affected ranges

Type
GIT
Repo
https://github.com/OpenSC/OpenSC
Events
Introduced
22f73781706a293d10ebe982ece863a73fd62bf3
Fixed
41d61da8481582e12710b5858f8b635e0a71ab5e

Ecosystem specific 

{
    "severity": "MEDIUM"
}