PT-2026-44841 · Opensc · Opensc

Nicholas Carlini · Published 2026-05-29 · Updated 2026-05-29 · CVE-2026-40528

CVSS v3.1: 3.8 Low

Vector: AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions

OpenSC versions prior to 0.27.0

Description

A stack and heap buffer overrun occurs in the do_key_value() function within src/pkcs15init/profile.c. This issue allows memory corruption when a crafted profile configuration file is supplied. During the invocation of pkcs15-init, a key value entry that starts with '=' and is followed by more data than keybuf can hold is copied into keybuf using memcpy without a length check.

Recommendations

Update to version 0.27.0 or apply the fix from commit 0358817.
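The missing length check described above, shown as an added example that is not OpenSC's code or the upstream patch: a bounded copy of an '='-prefixed value into a fixed-size keybuf. The helper names, the status codes and the 32-byte KEYBUF_SIZE are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define KEYBUF_SIZE 32  /* constructed size for this example */

enum { KV_OK = 0, KV_NOT_LITERAL = -1, KV_TOO_LONG = -2 };

/* Hypothetical helper: copy the literal part of "=<bytes>" into keybuf. */
static int copy_literal_key(const char *value, unsigned char *keybuf,
                            size_t keybuf_size, size_t *key_len)
{
    size_t len;

    *key_len = 0;
    if (value == NULL || value[0] != '=')
        return KV_NOT_LITERAL;      /* other encodings are out of scope here */

    value++;                        /* skip the '=' marker */
    len = strlen(value);
    if (len > keybuf_size)          /* the check an unchecked memcpy lacks */
        return KV_TOO_LONG;

    memcpy(keybuf, value, len);     /* len is now known to fit */
    *key_len = len;
    return KV_OK;
}

/* Run the helper against a KEYBUF_SIZE buffer; return status, report length. */
static int check_value(const char *value, size_t *key_len)
{
    unsigned char keybuf[KEYBUF_SIZE];
    return copy_literal_key(value, keybuf, sizeof(keybuf), key_len);
}

int main(void)
{
    /* Constructed inputs: one that exactly fits, one that is a byte too long. */
    char fits[KEYBUF_SIZE + 2], too_long[KEYBUF_SIZE + 3];
    size_t n;

    fits[0] = too_long[0] = '=';
    memset(fits + 1, 'A', KEYBUF_SIZE);         fits[KEYBUF_SIZE + 1] = '\0';
    memset(too_long + 1, 'A', KEYBUF_SIZE + 1); too_long[KEYBUF_SIZE + 2] = '\0';

    printf("fits: %d\n", check_value(fits, &n));
    printf("too long: %d\n", check_value(too_long, &n));
    return 0;
}
```

Rejecting the oversized entry, rather than truncating it, keeps a malformed profile from silently producing a different key value.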

Fix

Heap Based Buffer Overflow

Stack Overflow

Weakness Enumeration

Related Identifiers

CVE-2026-40528

Affected Products

Opensc