P11 Kit · P11-Kit · CVE-2020-29361
**Name of the Vulnerable Software and Affected Versions**
p11-kit versions 0.21.1 through 0.23.21
**Description**
Multiple integer overflows have been discovered in the array allocations of the p11-kit library and the `p11-kit list` command. They occur because overflow checks are missing before calls to `realloc` or `calloc`. A remote attacker can potentially use this to cause a denial of service.
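The missing check described above, shown as an added example that is not p11-kit's own code: the unchecked element-count multiplication wraps to a small byte count, while an overflow-checked wrapper around `realloc` rejects it. The names `unchecked_bytes`, `checked_reallocarray`, `ptr_array` and `ptr_array_push` are hypothetical and chosen for this illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* What an unchecked call site computes: wraps modulo SIZE_MAX + 1. */
size_t unchecked_bytes(size_t nmemb, size_t size)
{
    return nmemb * size;
}

/* Hypothetical helper (not p11-kit's API): realloc() for nmemb elements of
 * size bytes that rejects a wrapping product. On failure ptr stays valid. */
void *checked_reallocarray(void *ptr, size_t nmemb, size_t size)
{
    if (size != 0 && nmemb > SIZE_MAX / size) {
        errno = ENOMEM;
        return NULL;
    }
    return realloc(ptr, nmemb * size);
}

/* Hypothetical growable pointer array, for illustration only. */
struct ptr_array { void **elem; size_t num; size_t allocated; };

/* Append value, doubling capacity when full. Returns 0 on success, -1 on
 * overflow or allocation failure (the array is left unchanged). */
int ptr_array_push(struct ptr_array *a, void *value)
{
    if (a->num == a->allocated) {
        size_t new_cap;
        void **grown;
        if (a->allocated > SIZE_MAX / 2)  /* doubling would wrap */
            return -1;
        new_cap = a->allocated ? a->allocated * 2 : 16;
        grown = checked_reallocarray(a->elem, new_cap, sizeof(void *));
        if (grown == NULL)
            return -1;
        a->elem = grown;
        a->allocated = new_cap;
    }
    a->elem[a->num++] = value;
    return 0;
}

int main(void)
{
    printf("unchecked: %zu bytes\n", unchecked_bytes(SIZE_MAX / 8 + 2, 8));
    return checked_reallocarray(NULL, SIZE_MAX / 8 + 2, 8) == NULL ? 0 : 1;
}
```

The element count passed in `main` is a constructed value chosen so that the product wraps to 8 bytes.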
**Recommendations**
For p11-kit versions 0.21.1 through 0.23.21, consider updating to a version that includes fixes for the integer overflows in the array allocations. As a temporary workaround, restrict the use of the p11-kit library and the p11-kit list command to minimize the risk of exploitation. Avoid using the `realloc` or `calloc` functions in the affected array allocations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.