{
  "schema_version": "1.7.0",
  "id": "MGASA-2026-0231",
  "published": "2026-06-24T05:41:50Z",
  "modified": "2026-06-24T04:51:55Z",
  "summary": "Updated opensc packages fix security vulnerabilities",
  "details": "These packages fix the following security vulnerabilities:\nCVE-2026-10275: A flaw has been found in OpenSC up to 0.26.1. It\naffects the function test_kpgen_certwrite in the file\nsrc/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation\nModule. The manipulation causes a buffer overflow. The attack can be\ncarried out remotely. The complexity of an attack is rather high, and\nexploitation is reported to be difficult. The exploit has been published\nand may be used. Patch name:\n814f745b3b6d100295f65f1935edd33d520d33ab. Applying a patch is\nrecommended to fix this issue.\nCVE-2026-40528: OpenSC before 0.27.0, fixed in commit 0358817, contains\na stack and heap buffer overrun vulnerability in the do_key_value()\nfunction in src/pkcs15init/profile.c that allows attackers to corrupt\nmemory by supplying a crafted profile configuration file. During\npkcs15-init invocation, a key value entry beginning with '=' followed by\nmore than sizeof(keybuf) characters is copied into keybuf via memcpy\nwithout a length check, causing both stack and heap buffer overruns.\nNote: the upstream version numbers above differ from the Mageia package\nversion; on Mageia 9 this update is fixed in opensc 0.25.0-1.3.mga9, so\ncheck the installed package release rather than the upstream version.\n",
  "upstream": [
    "CVE-2026-10275",
    "CVE-2026-40528"
  ],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://advisories.mageia.org/MGASA-2026-0231.html"
    },
    {
      "type": "REPORT",
      "url": "https://bugs.mageia.org/show_bug.cgi?id=35710"
    },
    {
      "type": "WEB",
      "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/BXWQZWIKO7R5XJCNG2QJKDJX4QJMW4G5/"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/OpenSC/OpenSC/issues/3682"
    }
  ],
  "affected": [
    {
      "package": {
        "ecosystem": "Mageia:9",
        "name": "opensc",
        "purl": "pkg:rpm/mageia/opensc?arch=source&distro=mageia-9"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.25.0-1.3.mga9"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    }
  ],
  "credits": [
    {
      "name": "Mageia",
      "type": "COORDINATOR",
      "contact": [
        "https://wiki.mageia.org/en/Packages_Security_Team"
      ]
    }
  ]
}
