A buffer overrun vulnerability exists in OpenSC versions prior to 0.27.0 in the `do_key_value()` function within `src/pkcs15init/profile.c`. The flaw occurs when processing profile configuration files during `pkcs15-init` invocation. A key value entry beginning with '=' followed by excessive characters is copied into a fixed-size buffer via `memcpy` without length validation, resulting in both stack and h [truncated]
A stack buffer overflow vulnerability exists in OpenSC before version 0.27.0-rc1, specifically within the `piv_process_history()` function in `src/libopensc/card-piv.c`. The flaw occurs when processing a PIV smart card or USB device that returns a URL field exceeding 118 bytes in the Key History Object ASN.1 response. Exploitation requires physical presence and interaction with a crafted device, limiting [truncated]
