How severe is CVE-2024-45616?

CVE-2024-45616 has a CVSS v3 score of 3.9 (LOW).

CVE-2024-45616

Name: opensc
Author: opensc_project

3.9LOW

A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafte

Publicado: 9/3/2024Atualizado: 11/3/2025

Descrição

A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. The following problems were caused by insufficient control of the response APDU buffer and its length when communicating with the card.

Análise IADesenvolvido por IA

Produtos Afetados

redhatenterprise_linux

7.0

redhatenterprise_linux

8.0

redhatenterprise_linux

9.0

opensc_projectopensc

Referências

https://access.redhat.com/security/cve/CVE-2024-45616
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2309290
Issue TrackingVendor Advisory
https://lists.debian.org/debian-lts-announce/2024/12/msg00026.html