DSA-2059-2 pcsc-lite -- buffer overflowID: oval:org.secpod.oval:def:600149 | Date: (C)2011-01-28 (M)2022-10-10 |
Class: PATCH | Family: unix |
The update for PCSCD caused a regression with some card readers. This update corrects that regression. The full advisory is below for completeness. It was discovered that PCSCD, a daemon to access smart cards, was vulnerable to a buffer overflow allowing a local attacker to elevate his privileges to root. For the stable distribution , this problem has been fixed in version 1.4.102-1+lenny3. For the unstable distribution , this problem has been fixed in version 1.5.4-1. We recommend that you upgrade your pcsc-lite package.