|
|
Log in / Subscribe / Register

openSUSE alert openSUSE-SU-2010:0612-1 (pcsc-lite)



From:
    	      opensuse-security@opensuse.org 


To:
    	      opensuse-updates@opensuse.org 


Subject:
    	      openSUSE-SU-2010:0612-1 (moderate): pcsc-lite: fixed pcscd local root exploit (CVE-2010-0407) 


Date:
    	      Wed, 15 Sep 2010 18:08:28 +0200 (CEST)


Message-ID:
    	      <20100915160828.C5634BE36@oldboy.suse.de>



   openSUSE Security Update: pcsc-lite: fixed pcscd local root exploit (CVE-2010-0407)
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2010:0612-1
Rating:             moderate
References:         #609317 
Cross-References:   CVE-2010-0407
Affected Products:
                    openSUSE 11.1
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:

   This update of pcsc-lite fixes a local vulnerability (stack
   overflow) which allows every user with write-access to
   "/var/run/pcscd/pcscd.comm" to gain root privileges.
   CVE-2010-0407 has been assigned to this issue.


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 11.1:

      zypper in -t patch pcsc-lite-2646

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE 11.1 (i586 ppc x86_64):

      pcsc-lite-1.4.102-1.249.1
      pcsc-lite-devel-1.4.102-1.249.1

   - openSUSE 11.1 (x86_64):

      pcsc-lite-32bit-1.4.102-1.249.1

   - openSUSE 11.1 (ppc):

      pcsc-lite-64bit-1.4.102-1.249.1


References:

   http://support.novell.com/security/cve/CVE-2010-0407.html
   https://bugzilla.novell.com/609317
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds