openSUSE Local Security Checks : openSUSE Security Advisory (SUSE-SU-2024:3444-1)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.856516

Categoría: openSUSE Local Security Checks

Título: openSUSE Security Advisory (SUSE-SU-2024:3444-1)

Resumen: The remote host is missing an update for the 'opensc' package(s) announced via the SUSE-SU-2024:3444-1 advisory.

Descripción: Summary:
The remote host is missing an update for the 'opensc' package(s) announced via the SUSE-SU-2024:3444-1 advisory.

Vulnerability Insight:
This update for opensc fixes the following issues:

- CVE-2024-45620: Incorrect handling of the length of buffers or files in pkcs15init. (bsc#1230076)
- CVE-2024-45619: Incorrect handling length of buffers or files in libopensc. (bsc#1230075)
- CVE-2024-45618: Uninitialized values after incorrect or missing checking return values of functions in pkcs15init. (bsc#1230074)
- CVE-2024-45617: Uninitialized values after incorrect or missing checking return values of functions in libopensc. (bsc#1230073)
- CVE-2024-45616: Uninitialized values after incorrect check or usage of APDU response values in libopensc. (bsc#1230072)
- CVE-2024-45615: Usage of uninitialized values in libopensc and pkcs15init. (bsc#1230071)
- CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating key. (bsc#1230364)

Affected Software/OS:
'opensc' package(s) on openSUSE Leap 15.6.

Solution:
Please install the updated package(s).

CVSS Score:
4.6

CVSS Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2024-45615
Common Vulnerability Exposure (CVE) ID: CVE-2024-45616
Common Vulnerability Exposure (CVE) ID: CVE-2024-45617
Common Vulnerability Exposure (CVE) ID: CVE-2024-45618
Common Vulnerability Exposure (CVE) ID: CVE-2024-45619
Common Vulnerability Exposure (CVE) ID: CVE-2024-45620
Common Vulnerability Exposure (CVE) ID: CVE-2024-8443

Copyright Copyright (C) 2024 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.856516
Categoría:	openSUSE Local Security Checks
Título:	openSUSE Security Advisory (SUSE-SU-2024:3444-1)
Resumen:	The remote host is missing an update for the 'opensc' package(s) announced via the SUSE-SU-2024:3444-1 advisory.
Descripción:	Summary: The remote host is missing an update for the 'opensc' package(s) announced via the SUSE-SU-2024:3444-1 advisory. Vulnerability Insight: This update for opensc fixes the following issues: - CVE-2024-45620: Incorrect handling of the length of buffers or files in pkcs15init. (bsc#1230076) - CVE-2024-45619: Incorrect handling length of buffers or files in libopensc. (bsc#1230075) - CVE-2024-45618: Uninitialized values after incorrect or missing checking return values of functions in pkcs15init. (bsc#1230074) - CVE-2024-45617: Uninitialized values after incorrect or missing checking return values of functions in libopensc. (bsc#1230073) - CVE-2024-45616: Uninitialized values after incorrect check or usage of APDU response values in libopensc. (bsc#1230072) - CVE-2024-45615: Usage of uninitialized values in libopensc and pkcs15init. (bsc#1230071) - CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating key. (bsc#1230364) Affected Software/OS: 'opensc' package(s) on openSUSE Leap 15.6. Solution: Please install the updated package(s). CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2024-45615 Common Vulnerability Exposure (CVE) ID: CVE-2024-45616 Common Vulnerability Exposure (CVE) ID: CVE-2024-45617 Common Vulnerability Exposure (CVE) ID: CVE-2024-45618 Common Vulnerability Exposure (CVE) ID: CVE-2024-45619 Common Vulnerability Exposure (CVE) ID: CVE-2024-45620 Common Vulnerability Exposure (CVE) ID: CVE-2024-8443
Copyright	Copyright (C) 2024 Greenbone AG