How severe is CVE-2024-45616?

CVE-2024-45616 has a CVSS v3 score of 3.9 (LOW).

CVE-2024-45616

Name: opensc
Author: opensc_project

3.9LOW

A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafte

Published: 9/3/2024Updated: 11/3/2025

Description

A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. The following problems were caused by insufficient control of the response APDU buffer and its length when communicating with the card.

AI AnalysisPowered by AI

Affected Products

redhatenterprise_linux

7.0

redhatenterprise_linux

8.0

redhatenterprise_linux

9.0

opensc_projectopensc

References

https://access.redhat.com/security/cve/CVE-2024-45616
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2309290
Issue TrackingVendor Advisory
https://lists.debian.org/debian-lts-announce/2024/12/msg00026.html