Denial Of Service (DoS)

2019-05-0206:36:28

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.001 Low

EPSS

Percentile

26.7%

JSON

libcacard is vulnerable to denial of service. Attackers with local access could cause a system hang using excessive consumption of memory. The vulnerability exists in the function vcard_apdu_new of the file card_7816.c and exploitable via vectors related to allocating a new APDU object.

CPENameOperatorVersion
qemu-kvm-rheveq2.6.0__28.el7_3.3
qemu-kvm-rheveq2.3.0__31.el7_2.16
qemu-kvm-rheveq2.3.0__31.el7_2.15
qemu-kvm-rheveq2.3.0__31.el7
qemu-kvm-rheveq2.6.0__28.el7_3.17
qemu-kvm-rheveq2.1.2__23.el7
qemu-kvm-rheveq2.1.2__23.el7_1.10
qemu-kvm-rheveq2.3.0__31.el7_2.19
qemu-kvm-rheveq2.3.0__31.el7_2.23
qemu-kvm-rheveq2.3.0__31.el7_2.21

Name	Operator	Version
qemu-kvm-rhev	eq	2.6.0__28.el7_3.3
qemu-kvm-rhev	eq	2.3.0__31.el7_2.16
qemu-kvm-rhev	eq	2.3.0__31.el7_2.15
qemu-kvm-rhev	eq	2.3.0__31.el7
qemu-kvm-rhev	eq	2.6.0__28.el7_3.17
qemu-kvm-rhev	eq	2.1.2__23.el7
qemu-kvm-rhev	eq	2.1.2__23.el7_1.10
qemu-kvm-rhev	eq	2.3.0__31.el7_2.19
qemu-kvm-rhev	eq	2.3.0__31.el7_2.23
qemu-kvm-rhev	eq	2.3.0__31.el7_2.21