CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating key

This advisory summarizes automatically reported security-relevant issues reported since the release of OpenSC 0.25.1.

The Heap Buffer Overflow vulnerability was identified within the OpenPGP driver during the card enrollment process using the pkcs15-init tool to generate RSA or ECDSA key when a user or administrator enrolls or modifies cards, but it can also be encountered when using the driver for key generation (for example via openpgp-tool). The attack requires a crafted USB device or smart card to present the system with specially crafted responses to the APDUs, which are considered high complexity and low severity. This manipulation can potentially compromise card management operations during enrollment and modification of the keys on the card.

• Heap buffer overflow in openpgp_generate_key_rsa
  • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68952
  • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=71010
  • fixed in b28a3cef416fcfb92fbb9ea7fd3c71df52c6c9fc
• Heap buffer overflow in pgp_calculate_and_store_fingerprint
  • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68952
  • fixed in 02e847458369c08421fd2d5e9a16a5f272c2de9e

Originally reported by OSS-fuzz automated service.

CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N (3.4)