CVE-2018-16419
Description
Several buffer overflows when handling responses from a Cryptoflex card in read_public_key in tools/cryptoflex-tool.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A buffer overflow in OpenSC's cryptoflex-tool.c allows attackers to cause denial of service or other impact via crafted smartcard responses.
Vulnerability
A buffer overflow vulnerability exists in the read_public_key function in tools/cryptoflex-tool.c of OpenSC before version 0.19.0-rc1. When handling responses from a Cryptoflex card, insufficient bounds checking can lead to a buffer overflow. This affects OpenSC versions prior to the fix [1][2].
Exploitation
An attacker with access to a smartcard can exploit this vulnerability by supplying a crafted smartcard that sends malformed responses to APDU commands. No special privileges beyond physical or logical access to the smartcard reader are required. The attacker simply needs to present the malicious card to a system running the vulnerable OpenSC version and trigger the cryptoflex-tool read_public_key operation [2].
Impact
Successful exploitation can result in a denial of service (application crash) or potentially other unspecified impacts, such as arbitrary code execution. The vulnerability is an out-of-bounds write that can corrupt memory, potentially allowing the attacker to compromise the confidentiality, integrity, or availability of the system [1][2].
Mitigation
The vulnerability is fixed in OpenSC version 0.19.0-rc1, released on 2018-09-04 [4]. Red Hat issued an erratum RHSA-2019:2154 in September 2019 [1]. Users should update to the patched version. There is no known workaround for unpatched versions.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
12- Range: <0.19.0-rc1
- osv-coords11 versionspkg:rpm/opensuse/opensc&distro=openSUSE%20Tumbleweedpkg:rpm/suse/opensc&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/opensc&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4pkg:rpm/suse/opensc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015pkg:rpm/suse/opensc&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/opensc&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/opensc&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/opensc&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/opensc&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/opensc&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/opensc&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4
< 0.21.0-2.2+ 10 more
- (no CPE)range: < 0.21.0-2.2
- (no CPE)range: < 0.13.0-3.3.2
- (no CPE)range: < 0.13.0-3.3.2
- (no CPE)range: < 0.18.0-3.8.1
- (no CPE)range: < 0.11.6-5.27.3.1
- (no CPE)range: < 0.13.0-3.3.2
- (no CPE)range: < 0.13.0-3.3.2
- (no CPE)range: < 0.11.6-5.27.3.1
- (no CPE)range: < 0.13.0-3.3.2
- (no CPE)range: < 0.13.0-3.3.2
- (no CPE)range: < 0.11.6-5.27.3.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- access.redhat.com/errata/RHSA-2019:2154mitrevendor-advisoryx_refsource_REDHAT
- github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160admitrex_refsource_MISC
- github.com/OpenSC/OpenSC/releases/tag/0.19.0-rc1mitrex_refsource_MISC
- lists.debian.org/debian-lts-announce/2019/09/msg00009.htmlmitremailing-listx_refsource_MLIST
- www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.