Skip to navigation

Security Advisory Moderate: pcsc-lite security update

Advisory: RHSA-2010:0533-1
Type: Security Advisory
Severity: Moderate
Issued on: 2010-07-14
Last updated on: 2010-07-14
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
CVEs (cve.mitre.org): CVE-2009-4901
CVE-2010-0407

Details

Updated pcsc-lite packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

PC/SC Lite provides a Windows SCard compatible interface for communicating
with smart cards, smart card readers, and other security tokens.

Multiple buffer overflow flaws were discovered in the way the pcscd daemon,
a resource manager that coordinates communications with smart card readers
and smart cards connected to the system, handled client requests. A local
user could create a specially-crafted request that would cause the pcscd
daemon to crash or, possibly, execute arbitrary code. (CVE-2010-0407,
CVE-2009-4901)

Users of pcsc-lite should upgrade to these updated packages, which contain
a backported patch to correct these issues. After installing this update,
the pcscd daemon will be restarted automatically.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

RHEL Desktop Workstation (v. 5 client)
SRPMS:
pcsc-lite-1.4.4-4.el5_5.src.rpm     MD5: 54147b0b3b072bdc514f3c72d1bc1050
SHA-256: 8ec205d0284b9c56b4f1d1a123e4ab8fd9985059932e1883ab2419c3d46c6f4c
 
IA-32:
pcsc-lite-devel-1.4.4-4.el5_5.i386.rpm     MD5: 931540eb49d844fc6e5473e6fb7047be
SHA-256: c2f597dde32e84bb00a385d3fdc9e3a7124fbcdd4944e7ba40cfca7aaf3ddfa0
 
x86_64:
pcsc-lite-devel-1.4.4-4.el5_5.i386.rpm     MD5: 931540eb49d844fc6e5473e6fb7047be
SHA-256: c2f597dde32e84bb00a385d3fdc9e3a7124fbcdd4944e7ba40cfca7aaf3ddfa0
pcsc-lite-devel-1.4.4-4.el5_5.x86_64.rpm     MD5: 985069619edd67175ba3133774e5f707
SHA-256: 816e8ac885db8734ad6c3a41721d2049304ff9921843ec23f2e6e801efa3df80
 
Red Hat Enterprise Linux (v. 5 server)
SRPMS:
pcsc-lite-1.4.4-4.el5_5.src.rpm     MD5: 54147b0b3b072bdc514f3c72d1bc1050
SHA-256: 8ec205d0284b9c56b4f1d1a123e4ab8fd9985059932e1883ab2419c3d46c6f4c
 
IA-32:
pcsc-lite-1.4.4-4.el5_5.i386.rpm     MD5: 2ac43f18005ca4077f36bc4ea5140679
SHA-256: 63be1e70cc25454cdf7e1d3f98d3d35ad830418c44669f170e1eebdb2ccd1052
pcsc-lite-devel-1.4.4-4.el5_5.i386.rpm     MD5: 931540eb49d844fc6e5473e6fb7047be
SHA-256: c2f597dde32e84bb00a385d3fdc9e3a7124fbcdd4944e7ba40cfca7aaf3ddfa0
pcsc-lite-doc-1.4.4-4.el5_5.i386.rpm     MD5: 6aa2f39136951b2de8ccbaddf2ec8221
SHA-256: 4b7b0856d6f61f13e9c4effcd321784b3f5e1ceac88f3410c8a4cc9128dd1d5d
pcsc-lite-libs-1.4.4-4.el5_5.i386.rpm     MD5: e2cdc9ea594430f0e1819b5fb098c2ee
SHA-256: 16a410b81c1adc80c38b1710052f4161bb8fbc6df48e1902acbeccdf957a624c
 
IA-64:
pcsc-lite-1.4.4-4.el5_5.ia64.rpm     MD5: eab057ee96893ec45352dc12d9a526dd
SHA-256: 5e9c499dab2d37c12c45917aa1e6cad842e96155dc04b3284e9677fb020d99ac
pcsc-lite-devel-1.4.4-4.el5_5.ia64.rpm     MD5: c890f025504662f7f40dd3df90edb80a
SHA-256: 283288e42054e0ab26b6b34c86cc5cd8b8064cb5b871a7f17b9c5cdeb0cb38e1
pcsc-lite-doc-1.4.4-4.el5_5.ia64.rpm     MD5: 8105a9e4da95150ac0bbf86795d52e04
SHA-256: 53c27e311d95dd7c3dc6f2b9488a786a2d3f8c94f0e45b0202f9bb190f419f51
pcsc-lite-libs-1.4.4-4.el5_5.ia64.rpm     MD5: a386dffed2529ff58005665d988be055
SHA-256: 8ab04416f6c26d678ac8a894487211d9d3c6de77abd5675b95dddde5fa775937
 
PPC:
pcsc-lite-1.4.4-4.el5_5.ppc.rpm     MD5: bba1e0d8f1973b5446c18ec9b8eed1ff
SHA-256: cfa243e6086b9d6d326706ef83cd408f68f049590d692881354067b2633237f0
pcsc-lite-devel-1.4.4-4.el5_5.ppc.rpm     MD5: d54353bdca7ecc62674e348c63c47f9c
SHA-256: 2f9e88fca4663fe3464ae0d1a5b0c6b66239e43a96a48574b1d3acbd357bd526
pcsc-lite-devel-1.4.4-4.el5_5.ppc64.rpm     MD5: 4eeda04bb0fae30002f297b113f7b02f
SHA-256: 50a6f6273aa6f380b3869fec60922007fc16eedd6705fb5826ddde6eb7817c24
pcsc-lite-doc-1.4.4-4.el5_5.ppc.rpm     MD5: cd49f9dbf969f273e47061bcacf9e4c8
SHA-256: e74bc0e4dc00c13c5891cc8ea3e1db30208dc3bff44f8e9c2f57c6de94698dc0
pcsc-lite-libs-1.4.4-4.el5_5.ppc.rpm     MD5: 480e8484aca2e702a08b982a1801e2ee
SHA-256: a790cb6df8dbd2be2237aff8590c3768b55fc06acc1985f92f361b542e793d7c
pcsc-lite-libs-1.4.4-4.el5_5.ppc64.rpm     MD5: f394d4d25c56ba02c032312310eac90c
SHA-256: f8fc0d53279bf03294f1af4be0f203f3babb70a245e29a40818e7668a4b1fffe
 
x86_64:
pcsc-lite-1.4.4-4.el5_5.x86_64.rpm     MD5: b7b7c30e6d73641672e46061884c481b
SHA-256: cebcf3a2f50e1fd0d8ca183a8e5cc8298a30446e70e60a545ce63231e7ef0785
pcsc-lite-devel-1.4.4-4.el5_5.i386.rpm     MD5: 931540eb49d844fc6e5473e6fb7047be
SHA-256: c2f597dde32e84bb00a385d3fdc9e3a7124fbcdd4944e7ba40cfca7aaf3ddfa0
pcsc-lite-devel-1.4.4-4.el5_5.x86_64.rpm     MD5: 985069619edd67175ba3133774e5f707
SHA-256: 816e8ac885db8734ad6c3a41721d2049304ff9921843ec23f2e6e801efa3df80
pcsc-lite-doc-1.4.4-4.el5_5.x86_64.rpm     MD5: c216c89f9c5d41208dc7511ba1e82c23
SHA-256: d58e568151970c2e5573c52eeea0609fec8cf331e54d296d8104ddda76c45065
pcsc-lite-libs-1.4.4-4.el5_5.i386.rpm     MD5: e2cdc9ea594430f0e1819b5fb098c2ee
SHA-256: 16a410b81c1adc80c38b1710052f4161bb8fbc6df48e1902acbeccdf957a624c
pcsc-lite-libs-1.4.4-4.el5_5.x86_64.rpm     MD5: 56fcba68f457d9a474c410d804083fea
SHA-256: cf18767bbbbc3ceb9f43fdd2b423145adb4b110c7255a2c3a47fa0c8e9a2df89
 
Red Hat Enterprise Linux Desktop (v. 5 client)
SRPMS:
pcsc-lite-1.4.4-4.el5_5.src.rpm     MD5: 54147b0b3b072bdc514f3c72d1bc1050
SHA-256: 8ec205d0284b9c56b4f1d1a123e4ab8fd9985059932e1883ab2419c3d46c6f4c
 
IA-32:
pcsc-lite-1.4.4-4.el5_5.i386.rpm     MD5: 2ac43f18005ca4077f36bc4ea5140679
SHA-256: 63be1e70cc25454cdf7e1d3f98d3d35ad830418c44669f170e1eebdb2ccd1052
pcsc-lite-devel-1.4.4-4.el5_5.i386.rpm     MD5: 931540eb49d844fc6e5473e6fb7047be
SHA-256: c2f597dde32e84bb00a385d3fdc9e3a7124fbcdd4944e7ba40cfca7aaf3ddfa0
pcsc-lite-doc-1.4.4-4.el5_5.i386.rpm     MD5: 6aa2f39136951b2de8ccbaddf2ec8221
SHA-256: 4b7b0856d6f61f13e9c4effcd321784b3f5e1ceac88f3410c8a4cc9128dd1d5d
pcsc-lite-libs-1.4.4-4.el5_5.i386.rpm     MD5: e2cdc9ea594430f0e1819b5fb098c2ee
SHA-256: 16a410b81c1adc80c38b1710052f4161bb8fbc6df48e1902acbeccdf957a624c
 
x86_64:
pcsc-lite-1.4.4-4.el5_5.x86_64.rpm     MD5: b7b7c30e6d73641672e46061884c481b
SHA-256: cebcf3a2f50e1fd0d8ca183a8e5cc8298a30446e70e60a545ce63231e7ef0785
pcsc-lite-doc-1.4.4-4.el5_5.x86_64.rpm     MD5: c216c89f9c5d41208dc7511ba1e82c23
SHA-256: d58e568151970c2e5573c52eeea0609fec8cf331e54d296d8104ddda76c45065
pcsc-lite-libs-1.4.4-4.el5_5.i386.rpm     MD5: e2cdc9ea594430f0e1819b5fb098c2ee
SHA-256: 16a410b81c1adc80c38b1710052f4161bb8fbc6df48e1902acbeccdf957a624c
pcsc-lite-libs-1.4.4-4.el5_5.x86_64.rpm     MD5: 56fcba68f457d9a474c410d804083fea
SHA-256: cf18767bbbbc3ceb9f43fdd2b423145adb4b110c7255a2c3a47fa0c8e9a2df89
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

596426 - CVE-2009-4901 CVE-2009-4902 CVE-2010-0407 pcsc-lite: Privilege escalation via specially-crafted client to PC/SC Smart Card daemon messages


References

https://www.redhat.com/security/data/cve/CVE-2009-4901.html
https://www.redhat.com/security/data/cve/CVE-2010-0407.html
http://www.redhat.com/security/updates/classification/#moderate

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/