How severe is CVE-2024-45618?

CVE-2024-45618 has a CVSS v3 score of 3.9 (LOW).

CVE-2024-45618

Name: opensc
Author: opensc_project

3.9LOW

A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient

Publicado: 9/3/2024Actualizado: 11/3/2025

Descripción

A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have not been initialized.

Análisis IAImpulsado por IA

Productos Afectados

redhatenterprise_linux

7.0

redhatenterprise_linux

8.0

redhatenterprise_linux

9.0

opensc_projectopensc

Referencias

https://access.redhat.com/security/cve/CVE-2024-45618
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2309287
Issue TrackingVendor Advisory
https://lists.debian.org/debian-lts-announce/2024/12/msg00026.html