CVE-2009-0368

Name of the Vulnerable Software and Affected Versions OpenSC versions prior to 0.11.8 OpenSC versions prior to 0.11.7

Description The issue affects the opensc package in Gentoo Linux and Debian GNU/Linux operating systems, potentially leading to a breach of protected information confidentiality. Exploitation can be performed remotely or by a local attacker. Specifically, it allows physically proximate attackers to bypass intended PIN requirements and read private data objects via low-level APDU commands or debugging tools.

Recommendations For versions prior to 0.11.7, consider restricting access to debugging tools and low-level APDU commands to minimize the risk of exploitation. For versions prior to 0.11.8, update to version 0.11.8 or later to resolve the issue.