Medium severity6.8NVD Advisory· Published Apr 29, 2020· Updated Jun 17, 2026
CVE-2019-20792
CVE-2019-20792
Description
OpenSC before 0.20.0 has a double free in coolkey_free_private_data because coolkey_add_object in libopensc/card-coolkey.c lacks a uniqueness check.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9- OpenSC/OpenSCdescription
- osv-coords7 versionspkg:rpm/opensuse/opensc&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/opensc&distro=openSUSE%20Tumbleweedpkg:rpm/suse/opensc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/opensc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/opensc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/opensc&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSSpkg:rpm/suse/opensc&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015
< 0.19.0-lp152.3.3.1+ 6 more
- (no CPE)range: < 0.19.0-lp152.3.3.1
- (no CPE)range: < 0.22.0-3.1
- (no CPE)range: < 0.18.0-150000.3.23.1
- (no CPE)range: < 0.18.0-150000.3.23.1
- (no CPE)range: < 0.19.0-3.7.1
- (no CPE)range: < 0.18.0-150000.3.23.1
- (no CPE)range: < 0.18.0-150000.3.23.1
Patches
Vulnerability mechanics
References
3- github.com/OpenSC/OpenSC/commit/c246f6f69a749d4f68626b40795a4f69168008f4nvdPatchThird Party Advisory
- bugs.chromium.org/p/oss-fuzz/issues/detailnvdExploitThird Party Advisory
- github.com/OpenSC/OpenSC/compare/0.19.0...0.20.0nvdRelease NotesThird Party Advisory
News mentions
0No linked articles in our index yet.