How severe is CVE-2024-45616?

CVE-2024-45616 has a CVSS v3 score of 3.9 (LOW).

CVE-2024-45616

Name: opensc
Author: opensc_project

3.9LOW

A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafte

Publicado: 9/3/2024Actualizado: 11/3/2025

Descripción

A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. The following problems were caused by insufficient control of the response APDU buffer and its length when communicating with the card.

Análisis IAImpulsado por IA

Productos Afectados

redhatenterprise_linux

7.0

redhatenterprise_linux

8.0

redhatenterprise_linux

9.0

opensc_projectopensc

Referencias

https://access.redhat.com/security/cve/CVE-2024-45616
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2309290
Issue TrackingVendor Advisory
https://lists.debian.org/debian-lts-announce/2024/12/msg00026.html