{"id":"CVE-2018-16422","details":"A single byte buffer overflow when handling responses from an esteid Card in sc_pkcs15emu_esteid_init in libopensc/pkcs15-esteid.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.","modified":"2026-03-14T09:28:33.278474Z","published":"2018-09-04T00:29:00.777Z","related":["MGASA-2019-0019","SUSE-SU-2018:3621-1","SUSE-SU-2018:3622-1","SUSE-SU-2018:3622-2","SUSE-SU-2018:3629-1","openSUSE-SU-2024:11123-1"],"references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00009.html"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2154"},{"type":"FIX","url":"https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad#diff-d64c08c80437cf0006ada91e50f20ba0"},{"type":"FIX","url":"https://github.com/OpenSC/OpenSC/releases/tag/0.19.0-rc1"},{"type":"EVIDENCE","url":"https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/opensc/opensc","events":[{"introduced":"0"},{"last_affected":"eb60481f89526f34478e73815ca3bd5c0238c652"},{"fixed":"360e95d45ac4123255a4c796db96337f332160ad"},{"fixed":"b5a6f9aa6e5a8d0d2e7344319650af7f37a68581"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.18.0"}]}}],"versions":["0.12.2","0.12.2-rc1","0.13.0","0.13.0pre1","0.13.0rc1","0.14.0","0.14.0rc2","0.14.0rtm","0.15.0","0.16.0","0.16.0-rc1","0.16.0-rc2","0.17.0","0.17.0-rc1","0.17.0-rc2","0.18.0","0.18.0-rc1","0.18.0-rc2","v0.12.2","v0.16.0-pre1"],"database_specific":{"vanir_signatures":[{"digest":{"length":1384,"function_hash":"271210299797610273157981141979724814179"},"id":"CVE-2018-16422-0b99bc9e","target":{"function":"util_acl_to_str","file":"src/tools/util.c"},"deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","signature_type":"Function","signature_version":"v1"},{"digest":{"threshold":0.9,"line_hashes":["233481318598077239565688734290162833015","97939052609524587507400894812109442123","204087041383039004585492653448018035520","131445439589440703229908460382952763572","278834472465471595746656920320176494705","139222638798623248043302620018254649039","175896651905048379003378018399321379111","224505982217859260857118268338313184916","65206650238824587225114345289817012170"]},"id":"CVE-2018-16422-0c147fac","target":{"file":"src/libopensc/card-tcos.c"},"deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","signature_type":"Line","signature_version":"v1"},{"digest":{"length":6385,"function_hash":"3601200181852955403230350787482029340"},"id":"CVE-2018-16422-1d16052d","target":{"function":"sc_pkcs15emu_sc_hsm_init","file":"src/libopensc/pkcs15-sc-hsm.c"},"deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","signature_type":"Function","signature_version":"v1"},{"digest":{"threshold":0.9,"line_hashes":["177921028135058265830405297954293672054","299996131515017520667429232285183170350","208610982332766045388276120179790241671","151360034371372479209290112909957341284"]},"id":"CVE-2018-16422-1e47467f","target":{"file":"src/libopensc/sc.c"},"deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","signature_type":"Line","signature_version":"v1"},{"digest":{"length":900,"function_hash":"211357944350941154032202650742391697888"},"id":"CVE-2018-16422-2a2c565d","target":{"function":"read_public_key","file":"src/tools/cryptoflex-tool.c"},"deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","signature_type":"Function","signature_version":"v1"},{"digest":{"threshold":0.9,"line_hashes":["180997872810827503776550627596057610293","163181184741832334222622577538376576800","295584529879602039420667828216198547267","178878409965885542681033683125132049375"]},"id":"CVE-2018-16422-3010659d","target":{"file":"src/libopensc/card-cac.c"},"deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","signature_type":"Line","signature_version":"v1"},{"digest":{"threshold":0.9,"line_hashes":["60194579827802047239071052627609596123","336562014831331879228526401831414353461","64856043631244063980538676876814095534","215577835530444328041456047591925585022"]},"id":"CVE-2018-16422-376fa95f","target":{"file":"src/tools/egk-tool.c"},"deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","signature_type":"Line","signature_version":"v1"},{"digest":{"threshold":0.9,"line_hashes":["50089616092642694722495152257871806558","129090270381902937559966690903769976004","194204289983092010055155575685654392737","45078233133659491793302210458452893622","17048660723993156470457524797781597423","91678529902572139490964807264491437655","226903748607216912199596345292033996604","147778325612397487462815129713062729938"]},"id":"CVE-2018-16422-3fcffabe","target":{"file":"src/libopensc/card-epass2003.c"},"deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","signature_type":"Line","signature_version":"v1"},{"digest":{"threshold":0.9,"line_hashes":["250976598612894953921816414524457847426","329666269851755966857616801842498328952","19008280521317996949758254284125827774","177630364593721804175269770290181932638","24060003670950065524817680602091604756","89796380591064851615137692110354998869","216849173512820984644230172572648107300","320057497106042614487543469866971329847"]},"id":"CVE-2018-16422-4c1e03e7","target":{"file":"src/libopensc/card-muscle.c"},"deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","signature_type":"Line","signature_version":"v1"},{"digest":{"threshold":0.9,"line_hashes":["274547891528856582298764442486655688352","97810758309473749134017944501921098585","124309428883519806033819612118108239208","37541873294839517359746908680105660492","311258109344094285940934742868419197417","172944704662178634957673636699151796903","246803547979912446391600656798309090247","277510741662249105929233718888949218741","231468131297730207443287027598089995813","172944704662178634957673636699151796903"]},"id":"CVE-2018-16422-52ed392b","target":{"file":"src/tools/cryptoflex-tool.c"},"deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","signature_type":"Line","signature_version":"v1"},{"digest":{"length":602,"function_hash":"53435621884516961795550514721669502530"},"id":"CVE-2018-16422-54015c1f","target":{"function":"sc_file_set_sec_attr","file":"src/libopensc/sc.c"},"deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","signature_type":"Function","signature_version":"v1"},{"digest":{"threshold":0.9,"line_hashes":["197179338693329959337574733795721366011","181499596042145963708832815578185416673","115686202300605459028130681808916083323","32469362041368729738471244151727158581","70975519517677111108240587619915187754","97564755112860652651284748958326495761","54722519292892086896767483020852733567","164698281020407393870005573215208205002"]},"id":"CVE-2018-16422-63c4d150","target":{"file":"src/libopensc/pkcs15-sc-hsm.c"},"deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","signature_type":"Line","signature_version":"v1"},{"digest":{"length":1026,"function_hash":"303959976683711236987735509196219450362"},"id":"CVE-2018-16422-7bc53b8f","target":{"function":"read_private_key","file":"src/tools/cryptoflex-tool.c"},"deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","signature_type":"Function","signature_version":"v1"},{"digest":{"length":549,"function_hash":"274405994782023040229606639159304615881"},"id":"CVE-2018-16422-7e6a598b","target":{"function":"read_file","file":"src/tools/egk-tool.c"},"deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","signature_type":"Function","signature_version":"v1"},{"digest":{"length":854,"function_hash":"243539145408573173791081355314366755475"},"id":"CVE-2018-16422-893c7ffe","target":{"function":"epass2003_sm_unwrap_apdu","file":"src/libopensc/card-epass2003.c"},"deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","signature_type":"Function","signature_version":"v1"},{"digest":{"length":642,"function_hash":"145994158574777877406945467475522326317"},"id":"CVE-2018-16422-b2a32803","target":{"function":"muscle_list_files","file":"src/libopensc/card-muscle.c"},"deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","signature_type":"Function","signature_version":"v1"},{"digest":{"threshold":0.9,"line_hashes":["35700710565449482466961057702051773391","338848126074617841669023222188166574042","85193061301796843207587396052783037418","201328038495423799265820585956823551600","227092369676207675362403595507749640557","119207481776238519336941479755834020817","255421454904442896237866729116323676848"]},"id":"CVE-2018-16422-b34a839c","target":{"file":"src/tools/util.c"},"deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","signature_type":"Line","signature_version":"v1"},{"digest":{"threshold":0.9,"line_hashes":["228609031766473617867107821980241461018","1017328676681920338293166622495075509","13781630178052024411041230002274540200","144901520378832140047242421204389340446"]},"id":"CVE-2018-16422-b7bafe9a","target":{"file":"src/libopensc/pkcs15-esteid.c"},"deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","signature_type":"Line","signature_version":"v1"},{"digest":{"length":4678,"function_hash":"336629111418218581493741938757605402880"},"id":"CVE-2018-16422-bc480e08","target":{"function":"sc_pkcs15emu_esteid_init","file":"src/libopensc/pkcs15-esteid.c"},"deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","signature_type":"Function","signature_version":"v1"},{"digest":{"length":2589,"function_hash":"319333348733057023251779547878790261198"},"id":"CVE-2018-16422-dc348323","target":{"function":"gemsafe_get_cert_len","file":"src/libopensc/pkcs15-gemsafeV1.c"},"deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","signature_type":"Function","signature_version":"v1"},{"digest":{"length":3120,"function_hash":"264141390716061088029320022699475026986"},"id":"CVE-2018-16422-ecaf1d1f","target":{"function":"tcos_select_file","file":"src/libopensc/card-tcos.c"},"deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","signature_type":"Function","signature_version":"v1"},{"digest":{"length":1112,"function_hash":"64917057538921793471670086378052155976"},"id":"CVE-2018-16422-f98248a3","target":{"function":"decrypt_response","file":"src/libopensc/card-epass2003.c"},"deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","signature_type":"Function","signature_version":"v1"},{"digest":{"threshold":0.9,"line_hashes":["136893413313444237524668276446520478241","56761857713378916379142858959238642314","157439786862763906236340660357414583763","122716676019555905785832020813798376114"]},"id":"CVE-2018-16422-fac32456","target":{"file":"src/libopensc/pkcs15-gemsafeV1.c"},"deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","signature_type":"Line","signature_version":"v1"},{"digest":{"length":572,"function_hash":"56864691758844525895391192766386179059"},"id":"CVE-2018-16422-fc70b896","target":{"function":"cac_get_serial_nr_from_CUID","file":"src/libopensc/card-cac.c"},"deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","signature_type":"Function","signature_version":"v1"}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-16422.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}