Lucene search

Ubuntu.comUB:CVE-2019-15946

HistorySep 05, 2019 - 12:00 a.m.

CVE-2019-15946

2019-09-0500:00:00

ubuntu.com

CVSS2

4.4

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

CVSS3

6.4

Attack Vector

PHYSICAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

69.5%

JSON

OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet
string in asn1_decode_entry in libopensc/asn1.c.

Bugs

<https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939669>

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchopensc< 0.17.0-3ubuntu0.1~esm1UNKNOWN
ubuntu16.04noarchopensc< 0.15.0-1ubuntu1+esm1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	opensc	< 0.17.0-3ubuntu0.1~esm1	UNKNOWN
ubuntu	16.04	noarch	opensc	< 0.15.0-1ubuntu1+esm1	UNKNOWN

References

github.com/OpenSC/OpenSC/commit/a3fc7693f3a035a8a7921cffb98432944bb42740

github.com/OpenSC/OpenSC/compare/f1691fc...12218d4

launchpad.net/bugs/cve/CVE-2019-15946

nvd.nist.gov/vuln/detail/CVE-2019-15946

security-tracker.debian.org/tracker/CVE-2019-15946

ubuntu.com/security/notices/USN-5281-1

www.cve.org/CVERecord?id=CVE-2019-15946

CVSS2

4.4

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

CVSS3

6.4

Attack Vector

PHYSICAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

69.5%

JSON

Related for UB:CVE-2019-15946