VYPR
Unrated severity · NVD Advisory · Published Oct 6, 2020 · Updated Aug 4, 2024

CVE-2020-26571

Description

The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in sc_pkcs15emu_gemsafeGPK_init.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A stack-based buffer overflow in OpenSC's gemsafe GPK driver (before 0.21.0-rc1) allows local code execution via crafted smart card responses.

Vulnerability

A stack-based buffer overflow exists in the sc_pkcs15emu_gemsafeGPK_init function of the GemSafe GPK smart card software driver in OpenSC versions prior to 0.21.0-rc1. The vulnerability is triggered during PKCS#15 emulation when processing maliciously crafted smart card responses, potentially allowing an attacker to overwrite stack memory.

Exploitation

An attacker must have local access to a system with a vulnerable OpenSC installation and be able to insert a specially crafted smart card or provide malicious data that the driver will process via sc_pkcs15emu_gemsafeGPK_init. No authentication is needed beyond the ability to present the smart card to the reader; the overflow occurs during initial card response parsing.

Impact

Successful exploitation results in a stack-based buffer overflow, which can lead to arbitrary code execution with the privileges of the process using OpenSC (often root or a high-integrity user). This can allow an attacker to fully compromise the host system, including reading sensitive data from secure elements or executing arbitrary commands.

Mitigation

The vulnerability is fixed in OpenSC version 0.21.0-rc1 and later, as released on November 24, 2020 [1]. Users are advised to upgrade immediately. No workarounds are available; the fix is included in the 0.21.0 release [1].

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

12

References

4
