CVE-2023-40660

A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length pin is passed. This issue poses a security risk, particularly for OS logon/screen unlock and for small, permanently connected tokens to computers. Additionally, the token can internally track login status. This flaw allows an attacker to gain unauthorized access, carry out malicious actions, or compromise the system without the user's awareness.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.6 MEDIUM
PHYSICAL
LOW
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 56%
Affected Products (NVD)
VendorProductVersion
opensc_projectopensc
𝑥
≤ 0.23.0
redhatenterprise_linux
8.0
redhatenterprise_linux
9.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
opensc
bookworm
0.23.0-0.3+deb12u1
fixed
bullseye
vulnerable
bullseye (security)
0.21.0-1+deb11u1
fixed
sid
0.26.0-1
fixed
trixie
0.26.0-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
opensc
bionic
needs-triage
focal
needs-triage
jammy
needs-triage
lunar
ignored
mantic
ignored
noble
needs-triage
oracular
needs-triage
trusty
ignored
xenial
needs-triage
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
opensc
RHEL 9
0:0.23.0-3.el9_3
fixed
Amazon Linux logo
Amazon Linux Releases
Amazon Package
Release
opensc
Amazon Linux 2
0:0.19.0-5.amzn2.0.2
fixed
Amazon Linux 2023
0:0.23.0-3.amzn2023.0.2
fixed
opensc-debuginfo
Amazon Linux 2
0:0.19.0-5.amzn2.0.2
fixed
Amazon Linux 2023
0:0.23.0-3.amzn2023.0.2
fixed
opensc-debugsource
Amazon Linux 2023
0:0.23.0-3.amzn2023.0.2
fixed
Azure Linux logo
Azure Linux Releases
Azure Package
Release
opensc
Azure Linux 3.0
0:0.25.1-3.azl3
fixed
CBL-Mariner 2.0
0:0.23.0-4.cm2
fixed