Critical Memory Corruption Vulnerabilities in OpenSC Affecting Fedora Users
Severity: High (Score: 70.5)
Sources: Linuxsecurity
Summary
OpenSC, a library for smart card operations, has released a new version addressing multiple critical vulnerabilities. The vulnerabilities include CVE-2025-66038, CVE-2025-66215, CVE-2025-49010, and CVE-2025-66037, all published on 2026-03-30. These issues involve memory corruption and stack-buffer overflows that can be exploited via crafted smart card or USB device inputs. Users of Fedora 42 and Fedora 43 are specifically affected, as the vulnerabilities could allow attackers with physical access to exploit the system. The release of OpenSC version 0.27.1-1 on 2026-03-31 aims to mitigate these risks. Security professionals are advised to update their systems promptly to avoid potential exploitation. The vulnerabilities were identified through fuzz testing, highlighting the importance of thorough security assessments in software development.
Key Points:
- OpenSC vulnerabilities include critical memory corruption and stack-buffer overflows.
- Affected CVEs were published on 2026-03-30, with a patch released on 2026-03-31.
- Users of Fedora 42 and Fedora 43 should update to version 0.27.1-1 immediately.
Key Entities
- CVE-2025-13763 (cve)
- CVE-2025-49010 (cve)
- CVE-2025-66037 (cve)
- CVE-2025-66038 (cve)
- CVE-2025-66215 (cve)