A use-after-free vulnerability was discovered in OpenSC while disconnecting a smart card. This flaw allows a physical attacker to exploit this vulnerability by inserting and removing a malicious smart card, handled by the coolkey driver, that could potentially execute code on the target system, with privileges that depend on the particular configuration and system that makes use of the OpenSC library.
If the coolkey driver is not necessary for the configuration and system in use, it is possible to disable it by not listing it in the /etc/opensc.conf file.
For example:
app default {
card_drivers = cac, cac1, PIV-II;
}