RLSA-2024:0966

See a problem?
Please try reporting it to the source first.

Source

https://errata.rockylinux.org/RLSA-2024:0966

Import Source

https://storage.googleapis.com/resf-osv-data/RLSA-2024:0966.json

JSON Data

https://api.osv.dev/v1/vulns/RLSA-2024:0966

Published

2025-05-07T19:13:03.633594Z

Modified

2025-05-07T20:08:45.531194Z

Upstream

CVE-2023-5992

Severity

5.6 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L CVSS Calculator

Summary

Moderate: opensc security update

Details

The OpenSC set of libraries and utilities provides support for working with smart cards. OpenSC focuses on cards that support cryptographic operations and enables their use for authentication, mail encryption, or digital signatures.

Security Fix(es):

OpenSC: Side-channel leaks while stripping encryption PKCS#1 padding (CVE-2023-5992)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

Credits

- Rocky Enterprise Software Foundation
- Red Hat

Affected packages

Rocky Linux:9 / opensc

Package

Name: opensc
Purl: pkg:rpm/rocky-linux/opensc?distro=rocky-linux-9&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:0.23.0-4.el9_3