{"id":"CVE-2018-16423","details":"A double free when handling responses from a smartcard in sc_file_set_sec_attr in libopensc/sc.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.","modified":"2026-04-16T06:18:21.220823056Z","published":"2018-09-04T00:29:00.903Z","related":["SUSE-SU-2018:3621-1","SUSE-SU-2018:3622-1","SUSE-SU-2018:3622-2","SUSE-SU-2018:3629-1","openSUSE-SU-2024:11123-1"],"references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00009.html"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2154"},{"type":"FIX","url":"https://github.com/OpenSC/OpenSC/commit/360e95d45ac4123255a4c796db96337f332160ad#diff-db0cd89ff279ad8c7b3bb780cdf2770a"},{"type":"FIX","url":"https://github.com/OpenSC/OpenSC/releases/tag/0.19.0-rc1"},{"type":"EVIDENCE","url":"https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/opensc/opensc","events":[{"introduced":"0"},{"last_affected":"eb60481f89526f34478e73815ca3bd5c0238c652"},{"fixed":"360e95d45ac4123255a4c796db96337f332160ad"},{"fixed":"b5a6f9aa6e5a8d0d2e7344319650af7f37a68581"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.18.0"}]}}],"versions":["0.12.2","0.12.2-rc1","0.13.0","0.13.0pre1","0.13.0rc1","0.14.0","0.14.0rc2","0.14.0rtm","0.15.0","0.16.0","0.17.0","0.17.0-rc1","0.17.0-rc2","0.18.0","0.18.0-rc1","0.18.0-rc2","v0.12.2","v0.16.0-pre1"],"database_specific":{"vanir_signatures_modified":"2026-04-11T12:27:51Z","vanir_signatures":[{"signature_version":"v1","signature_type":"Function","deprecated":false,"id":"CVE-2018-16423-0b99bc9e","source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","digest":{"function_hash":"271210299797610273157981141979724814179","length":1384},"target":{"function":"util_acl_to_str","file":"src/tools/util.c"}},{"signature_version":"v1","signature_type":"Line","id":"CVE-2018-16423-0c147fac","deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","digest":{"line_hashes":["233481318598077239565688734290162833015","97939052609524587507400894812109442123","204087041383039004585492653448018035520","131445439589440703229908460382952763572","278834472465471595746656920320176494705","139222638798623248043302620018254649039","175896651905048379003378018399321379111","224505982217859260857118268338313184916","65206650238824587225114345289817012170"],"threshold":0.9},"target":{"file":"src/libopensc/card-tcos.c"}},{"signature_version":"v1","signature_type":"Function","deprecated":false,"id":"CVE-2018-16423-1d16052d","digest":{"function_hash":"3601200181852955403230350787482029340","length":6385},"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","target":{"function":"sc_pkcs15emu_sc_hsm_init","file":"src/libopensc/pkcs15-sc-hsm.c"}},{"signature_version":"v1","signature_type":"Line","deprecated":false,"id":"CVE-2018-16423-1e47467f","digest":{"line_hashes":["177921028135058265830405297954293672054","299996131515017520667429232285183170350","208610982332766045388276120179790241671","151360034371372479209290112909957341284"],"threshold":0.9},"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","target":{"file":"src/libopensc/sc.c"}},{"signature_version":"v1","signature_type":"Function","id":"CVE-2018-16423-2a2c565d","deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","digest":{"function_hash":"211357944350941154032202650742391697888","length":900},"target":{"function":"read_public_key","file":"src/tools/cryptoflex-tool.c"}},{"signature_version":"v1","signature_type":"Line","id":"CVE-2018-16423-3010659d","deprecated":false,"digest":{"line_hashes":["180997872810827503776550627596057610293","163181184741832334222622577538376576800","295584529879602039420667828216198547267","178878409965885542681033683125132049375"],"threshold":0.9},"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","target":{"file":"src/libopensc/card-cac.c"}},{"signature_version":"v1","signature_type":"Line","id":"CVE-2018-16423-376fa95f","deprecated":false,"digest":{"line_hashes":["60194579827802047239071052627609596123","336562014831331879228526401831414353461","64856043631244063980538676876814095534","215577835530444328041456047591925585022"],"threshold":0.9},"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","target":{"file":"src/tools/egk-tool.c"}},{"signature_version":"v1","signature_type":"Line","deprecated":false,"id":"CVE-2018-16423-3fcffabe","digest":{"line_hashes":["50089616092642694722495152257871806558","129090270381902937559966690903769976004","194204289983092010055155575685654392737","45078233133659491793302210458452893622","17048660723993156470457524797781597423","91678529902572139490964807264491437655","226903748607216912199596345292033996604","147778325612397487462815129713062729938"],"threshold":0.9},"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","target":{"file":"src/libopensc/card-epass2003.c"}},{"signature_version":"v1","signature_type":"Line","id":"CVE-2018-16423-4c1e03e7","deprecated":false,"digest":{"line_hashes":["250976598612894953921816414524457847426","329666269851755966857616801842498328952","19008280521317996949758254284125827774","177630364593721804175269770290181932638","24060003670950065524817680602091604756","89796380591064851615137692110354998869","216849173512820984644230172572648107300","320057497106042614487543469866971329847"],"threshold":0.9},"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","target":{"file":"src/libopensc/card-muscle.c"}},{"signature_version":"v1","signature_type":"Line","id":"CVE-2018-16423-52ed392b","deprecated":false,"digest":{"line_hashes":["274547891528856582298764442486655688352","97810758309473749134017944501921098585","124309428883519806033819612118108239208","37541873294839517359746908680105660492","311258109344094285940934742868419197417","172944704662178634957673636699151796903","246803547979912446391600656798309090247","277510741662249105929233718888949218741","231468131297730207443287027598089995813","172944704662178634957673636699151796903"],"threshold":0.9},"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","target":{"file":"src/tools/cryptoflex-tool.c"}},{"signature_version":"v1","signature_type":"Function","id":"CVE-2018-16423-54015c1f","deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","digest":{"function_hash":"53435621884516961795550514721669502530","length":602},"target":{"function":"sc_file_set_sec_attr","file":"src/libopensc/sc.c"}},{"signature_version":"v1","signature_type":"Line","id":"CVE-2018-16423-63c4d150","deprecated":false,"digest":{"line_hashes":["197179338693329959337574733795721366011","181499596042145963708832815578185416673","115686202300605459028130681808916083323","32469362041368729738471244151727158581","70975519517677111108240587619915187754","97564755112860652651284748958326495761","54722519292892086896767483020852733567","164698281020407393870005573215208205002"],"threshold":0.9},"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","target":{"file":"src/libopensc/pkcs15-sc-hsm.c"}},{"signature_version":"v1","signature_type":"Function","id":"CVE-2018-16423-7bc53b8f","deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","digest":{"function_hash":"303959976683711236987735509196219450362","length":1026},"target":{"function":"read_private_key","file":"src/tools/cryptoflex-tool.c"}},{"signature_version":"v1","signature_type":"Function","id":"CVE-2018-16423-7e6a598b","deprecated":false,"digest":{"function_hash":"274405994782023040229606639159304615881","length":549},"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","target":{"function":"read_file","file":"src/tools/egk-tool.c"}},{"signature_version":"v1","signature_type":"Function","id":"CVE-2018-16423-893c7ffe","deprecated":false,"digest":{"function_hash":"243539145408573173791081355314366755475","length":854},"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","target":{"function":"epass2003_sm_unwrap_apdu","file":"src/libopensc/card-epass2003.c"}},{"signature_version":"v1","signature_type":"Function","id":"CVE-2018-16423-b2a32803","deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","digest":{"function_hash":"145994158574777877406945467475522326317","length":642},"target":{"function":"muscle_list_files","file":"src/libopensc/card-muscle.c"}},{"signature_version":"v1","signature_type":"Line","id":"CVE-2018-16423-b34a839c","deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","digest":{"line_hashes":["35700710565449482466961057702051773391","338848126074617841669023222188166574042","85193061301796843207587396052783037418","201328038495423799265820585956823551600","227092369676207675362403595507749640557","119207481776238519336941479755834020817","255421454904442896237866729116323676848"],"threshold":0.9},"target":{"file":"src/tools/util.c"}},{"signature_version":"v1","signature_type":"Line","id":"CVE-2018-16423-b7bafe9a","deprecated":false,"digest":{"line_hashes":["228609031766473617867107821980241461018","1017328676681920338293166622495075509","13781630178052024411041230002274540200","144901520378832140047242421204389340446"],"threshold":0.9},"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","target":{"file":"src/libopensc/pkcs15-esteid.c"}},{"signature_version":"v1","signature_type":"Function","id":"CVE-2018-16423-bc480e08","deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","digest":{"function_hash":"336629111418218581493741938757605402880","length":4678},"target":{"function":"sc_pkcs15emu_esteid_init","file":"src/libopensc/pkcs15-esteid.c"}},{"signature_version":"v1","signature_type":"Function","id":"CVE-2018-16423-dc348323","deprecated":false,"digest":{"function_hash":"319333348733057023251779547878790261198","length":2589},"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","target":{"function":"gemsafe_get_cert_len","file":"src/libopensc/pkcs15-gemsafeV1.c"}},{"signature_version":"v1","signature_type":"Function","id":"CVE-2018-16423-ecaf1d1f","deprecated":false,"digest":{"function_hash":"264141390716061088029320022699475026986","length":3120},"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","target":{"function":"tcos_select_file","file":"src/libopensc/card-tcos.c"}},{"signature_version":"v1","signature_type":"Function","id":"CVE-2018-16423-f98248a3","deprecated":false,"digest":{"function_hash":"64917057538921793471670086378052155976","length":1112},"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","target":{"function":"decrypt_response","file":"src/libopensc/card-epass2003.c"}},{"signature_version":"v1","signature_type":"Line","id":"CVE-2018-16423-fac32456","deprecated":false,"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","digest":{"line_hashes":["136893413313444237524668276446520478241","56761857713378916379142858959238642314","157439786862763906236340660357414583763","122716676019555905785832020813798376114"],"threshold":0.9},"target":{"file":"src/libopensc/pkcs15-gemsafeV1.c"}},{"signature_version":"v1","signature_type":"Function","id":"CVE-2018-16423-fc70b896","deprecated":false,"digest":{"function_hash":"56864691758844525895391192766386179059","length":572},"source":"https://github.com/opensc/opensc/commit/360e95d45ac4123255a4c796db96337f332160ad","target":{"function":"cac_get_serial_nr_from_CUID","file":"src/libopensc/card-cac.c"}}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-16423.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}