Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title ccid security and bug fix update
Informations
Name RHSA-2013:0523 First vendor Publication 2013-02-21
Vendor RedHat Last vendor Modification 2013-02-21
Severity (Vendor) Low Revision 02

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score 4.4 Attack Range Local
Cvss Impact Score 6.4 Attack Complexity Medium
Cvss Expoit Score 3.4 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

An updated ccid package that fixes one security issue and one bug are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64

3. Description:

Chip/Smart Card Interface Devices (CCID) is a USB smart card reader standard followed by most modern smart card readers. The ccid package provides a Generic, USB-based CCID driver for readers, which follow this standard.

An integer overflow, leading to an array index error, was found in the way the CCID driver processed a smart card's serial number. A local attacker could use this flaw to execute arbitrary code with the privileges of the user running the PC/SC Lite pcscd daemon (root, by default), by inserting a specially-crafted smart card. (CVE-2010-4530)

This update also fixes the following bug:

* Previously, CCID only recognized smart cards with 5V power supply. With this update, CCID also supports smart cards with different power supply. (BZ#808115)

All users of ccid are advised to upgrade to this updated package, which contains backported patches to correct these issues.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258

5. Bugs fixed (http://bugzilla.redhat.com/):

664986 - CVE-2010-4530 CCID: Integer overflow, leading to array index error when processing crafted serial number of certain cards

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2013-0523.html

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-189 Numeric Errors (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:20849
 
Oval ID: oval:org.mitre.oval:def:20849
Title: RHSA-2013:0523: ccid security and bug fix update (Low)
Description: Signedness error in ccid_serial.c in libccid in the USB Chip/Smart Card Interface Devices (CCID) driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negative value to be used in a memcpy operation, which triggers a buffer overflow. NOTE: some sources refer to this issue as an integer overflow.
Family: unix Class: patch
Reference(s): RHSA-2013:0523-02
CESA-2013:0523
CVE-2010-4530
 Version: 4
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
 Product(s): ccid
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23861
 
Oval ID: oval:org.mitre.oval:def:23861
Title: ELSA-2013:0523: ccid security and bug fix update (Low)
Description: Signedness error in ccid_serial.c in libccid in the USB Chip/Smart Card Interface Devices (CCID) driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negative value to be used in a memcpy operation, which triggers a buffer overflow. NOTE: some sources refer to this issue as an integer overflow.
Family: unix Class: patch
Reference(s): ELSA-2013:0523-02
CVE-2010-4530
 Version: 6
Platform(s): Oracle Linux 6
 Product(s): ccid
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27120
 
Oval ID: oval:org.mitre.oval:def:27120
Title: RHSA-2013:1323 -- ccid security and bug fix update (Low)
Description: Chip/Smart Card Interface Devices (CCID) is a USB smart card reader standard followed by most modern smart card readers. The ccid package provides a Generic, USB-based CCID driver for readers, which follow this standard. An integer overflow, leading to an array index error, was found in the way the CCID driver processed a smart card's serial number. A local attacker could use this flaw to execute arbitrary code with the privileges of the user running the PC/SC Lite pcscd daemon (root, by default), by inserting a specially-crafted smart card. (CVE-2010-4530) This update also fixes the following bug: * The pcscd service failed to read from the SafeNet Smart Card 650 v1 when it was inserted into a smart card reader. The operation failed with a "IFDHPowerICC() PowerUp failed" error message. This was due to the card taking a long time to respond with a full Answer To Reset (ATR) request, which lead to a timeout, causing the card to fail to power up. This update increases the timeout value so that the aforementioned request is processed properly, and the card is powered on as expected. (BZ#907821) All ccid users are advised to upgrade to this updated package, which contains backported patches to correct these issues.
Family: unix Class: patch
Reference(s): RHSA-2013:1323
CESA-2013:1323
CVE-2010-4530
 Version: 3
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
 Product(s): ccid
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27422
 
Oval ID: oval:org.mitre.oval:def:27422
Title: DEPRECATED: ELSA-2013-0523 -- ccid security and bug fix update (low)
Description: [1.3.9.6] - CVE-2010-4530 patch [1.3.9-5] - Fix dist tag [1.3.9-4] - Check multiple voltages, even if we started with 5V.
Family: unix Class: patch
Reference(s): ELSA-2013-0523
CVE-2010-4530
 Version: 4
Platform(s): Oracle Linux 6
 Product(s): ccid
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27499
 
Oval ID: oval:org.mitre.oval:def:27499
Title: ELSA-2013-1323 -- ccid security and bug fix update (low)
Description: [1.3.8-2] - fix voltage issue
Family: unix Class: patch
Reference(s): ELSA-2013-1323
CVE-2010-4530
 Version: 3
Platform(s): Oracle Linux 5
 Product(s): ccid
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1

OpenVAS Exploits

Date Description
2011-01-14 Name : Fedora Update for ccid FEDORA-2011-0143
File : nvt/gb_fedora_2011_0143_ccid_fc13.nasl
2011-01-14 Name : Fedora Update for ccid FEDORA-2011-0162
File : nvt/gb_fedora_2011_0162_ccid_fc14.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
70484 PCSC-Lite pcscd CCID Driver libccid ccid_serial.c Crafted Serial Number Overflow

PCSC-Lite is prone to an overflow condition. 'ccid_serial.c 'in 'libccid' suffers from a signedness error that may be exploited to cause a buffer overflow. With a specially crafted serial number on a smart card, a physically present attacker can potentially execute arbitrary code.

Nessus® Vulnerability Scanner

Date Description
2014-11-12 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2013-1323.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_libpcsclite1-110105.nasl - Type : ACT_GATHER_INFO
2014-01-22 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201401-16.nasl - Type : ACT_GATHER_INFO
2013-10-11 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130930_ccid_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-10-03 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2013-1323.nasl - Type : ACT_GATHER_INFO
2013-10-01 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1323.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2013-0523.nasl - Type : ACT_GATHER_INFO
2013-03-10 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2013-0523.nasl - Type : ACT_GATHER_INFO
2013-03-05 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130221_ccid_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-02-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0523.nasl - Type : ACT_GATHER_INFO
2011-05-05 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_libpcsclite1-110105.nasl - Type : ACT_GATHER_INFO
2011-02-02 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_pcsc-ccid-110121.nasl - Type : ACT_GATHER_INFO
2011-01-14 Name : The remote Fedora host is missing a security update.
File : fedora_2011-0143.nasl - Type : ACT_GATHER_INFO
2011-01-14 Name : The remote Fedora host is missing a security update.
File : fedora_2011-0162.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2014-02-17 11:56:53
  • Multiple Updates
2013-02-21 09:18:58
  • First insertion