How severe is CVE-2024-45617?

CVE-2024-45617 has a CVSS v3 score of 3.9 (LOW).

CVE-2024-45617

Name: opensc
Author: opensc_project

3.9LOW

A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafte

Publicado: 9/3/2024Atualizado: 11/3/2025

Descrição

A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have not been initialized.

Análise IADesenvolvido por IA

Produtos Afetados

redhatenterprise_linux

7.0

redhatenterprise_linux

8.0

redhatenterprise_linux

9.0

opensc_projectopensc

Referências

https://access.redhat.com/security/cve/CVE-2024-45617
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2309286
Issue TrackingVendor Advisory
https://lists.debian.org/debian-lts-announce/2024/12/msg00026.html