mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-13 17:39:57 +00:00
Code Issues Projects Releases Wiki Activity

opensc: patch CVE-2025-66037

Browse Source 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-66037

Backport the patch that is referenced by the upstream wiki
page[1] that is related to this vulnerability.

[1]: https://github.com/OpenSC/OpenSC/wiki/CVE-2025-66037

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
This commit is contained in:
Gyorgy Sarvari
2026-04-07 11:52:44 +02:00
committed by Anuj Mittal
parent 7c8dd8d492
commit 73034a4fe1
2 changed files with 35 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta-oe/recipes-support/opensc/opensc/CVE-2025-66037.patch
+34
View File
@@ -0,0 +1,34 @@
From 29fce41f0b65e8467745b385b0bafbb79e72d33d Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Tue, 25 Nov 2025 15:58:02 +0100
Subject: [PATCH] pkcs15: Avoid buffer overrun on invalid data
Invalid data can contain zero-length buffer, which after copying
was dereferenced without length check
Credit: Aldo Ristori
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
CVE: CVE-2025-66037
Upstream-Status: Backport [https://github.com/OpenSC/OpenSC/commit/65fc211015cfcac27b10d0876054156c97225f50]
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
src/libopensc/pkcs15-pubkey.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/libopensc/pkcs15-pubkey.c b/src/libopensc/pkcs15-pubkey.c
index 83f3feb26..e6bf803f4 100644
--- a/src/libopensc/pkcs15-pubkey.c
+++ b/src/libopensc/pkcs15-pubkey.c
@@ -1328,6 +1328,10 @@ sc_pkcs15_pubkey_from_spki_fields(struct sc_context *ctx, struct sc_pkcs15_pubke
"sc_pkcs15_pubkey_from_spki_fields() called: %p:%"SC_FORMAT_LEN_SIZE_T"u\n%s",
buf, buflen, sc_dump_hex(buf, buflen));
+ if (buflen < 1) {
+ LOG_TEST_RET(ctx, SC_ERROR_INVALID_DATA, "subjectPublicKeyInfo can not be empty");
+ }
+
tmp_buf = malloc(buflen);
if (!tmp_buf) {
r = SC_ERROR_OUT_OF_MEMORY;
meta-oe/recipes-support/opensc/opensc_0.26.1.bb
+1
View File
@@ -14,6 +14,7 @@ DEPENDS = "openssl"
SRCREV = "043343d2df7b09d1938bc3dc313d86a96be457cc"
SRC_URI = "git://github.com/OpenSC/OpenSC;branch=0.26.1;protocol=https \
file://CVE-2025-49010.patch \
file://CVE-2025-66037.patch \
"
CVE_STATUS[CVE-2024-8443] = "fixed-version: this is fixed since 0.26.0"