{"affected":[{"ecosystem_specific":{"binaries":[{"opensc":"0.24.0-slfo.1.1_2.1"}]},"package":{"ecosystem":"SUSE:Linux Micro 6.1","name":"opensc","purl":"pkg:rpm/suse/opensc&distro=SUSE%20Linux%20Micro%206.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.24.0-slfo.1.1_2.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for opensc fixes the following issues:\n\n- CVE-2023-5992: Side-channel leaks while stripping encryption PKCS#1 padding (bsc#1219386).\n- CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating key (bsc#1230364).\n- CVE-2024-45620: Incorrect handling of the length of buffers or files in pkcs15init (bsc#1230076).\n- CVE-2024-45619: Incorrect handling length of buffers or files in libopensc (bsc#1230075).\n- CVE-2024-45618: Uninitialized values after incorrect or missing checking return values of functions in pkcs15init (bsc#1230074).\n- CVE-2024-45617: Uninitialized values after incorrect or missing checking return values of functions in libopensc (bsc#1230073).\n- CVE-2024-45616: Uninitialized values after incorrect check or usage of APDU response values in libopensc (bsc#1230072).\n- CVE-2024-45615: Usage of uninitialized values in libopensc and pkcs15init (bsc#1230071).\n","id":"SUSE-SU-2025:20671-1","modified":"2025-09-05T12:16:37Z","published":"2025-09-05T12:16:37Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-202520671-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1219386"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230071"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230072"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230073"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230074"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230075"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230076"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230364"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-5992"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-45615"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-45616"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-45617"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-45618"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-45619"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-45620"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-8443"}],"related":["CVE-2023-5992","CVE-2024-45615","CVE-2024-45616","CVE-2024-45617","CVE-2024-45618","CVE-2024-45619","CVE-2024-45620","CVE-2024-8443"],"summary":"Security update for opensc","upstream":["CVE-2023-5992","CVE-2024-45615","CVE-2024-45616","CVE-2024-45617","CVE-2024-45618","CVE-2024-45619","CVE-2024-45620","CVE-2024-8443"]}