CVE-2021-34193
Publication date 22 August 2023
Last updated 8 January 2025
Ubuntu priority
Cvss 3 Severity Score
Stack overflow vulnerability in OpenSC smart card middleware before 0.23 via crafted responses to APDUs.
Status
Package | Ubuntu Release | Status |
---|---|---|
opensc | 24.10 oracular |
Needs evaluation
|
24.04 LTS noble |
Needs evaluation
|
|
22.04 LTS jammy |
Not affected
|
|
20.04 LTS focal |
Needs evaluation
|
|
18.04 LTS bionic |
Needs evaluation
|
|
16.04 LTS xenial |
Needs evaluation
|
|
14.04 LTS trusty | Ignored end of standard support |
Notes
octagalland
According to the discussion at https://github.com/OpenSC/OpenSC/issues/2841, this CVE is a duplicate of the following CVEs: CVE-2021-42778, CVE-2021-42779, CVE-2021-42780, CVE-2021-42781, and CVE-2021-42782.
Severity score breakdown
Parameter | Value |
---|---|
Base score |
|
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | None |
Scope | Unchanged |
Confidentiality | None |
Integrity impact | None |
Availability impact | High |
Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
References
Other references
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28768
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29912
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30800
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28185
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28383
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27719
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32149
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30112
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31448
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31540
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28855
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28843
- https://www.cve.org/CVERecord?id=CVE-2021-34193
- https://github.com/OpenSC/OpenSC/issues/2841