Name of the Vulnerable Software and Affected Versions No specific software or versions are mentioned in the provided description.

Description The issue is related to a heap-buffer-overflow read, as indicated by an OSS-Fuzz report. The crash state involves several functions: cosm new file, cosm create key, and sc pkcs15init generate key. No information is provided about the estimated number of potentially affected devices or real-world incidents.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.