Security News Vulnerabilities in smart card drivers open systems to attackers

[LASER_oneXM]

Content source

https://www.helpnetsecurity.com/2018/08/13/vulnerabilities-smart-card-drivers/

Security researcher Eric Sesterhenn of X41 D-SEC GmbH has unearthed a number of vulnerabilities in several smart card drivers, some of which can allow attackers to log into the target system without valid credentials and achieve root/admin privileges.

About the vulnerabilities

Sesterhenn tested a number of open source smart card drivers developed by Yubico, OpenSC and the Apple Smart Card Services project.

He extended the company’s fuzzing framework and developed several tools that allowed him to test the OpenSC smart card stack, PCSC-based drivers on Linux and Winscard based smartcard drivers on Microsoft operating systems.

Most of the vulnerabilities he discovered are buffer overflows, out of bounds memory reads/writes, and logic bugs and successful exploitation of some of them can lead to code execution, DoS, and authentication bypass.

The flaws can be exploited via malicious smartcards.

All of the vendors and maintainers have been informed and some fixes have already been released (for Yubico PIV, the Apple Smart Card Services components).

The vulnerable libykneomgr library (used by Yubico) won’t be updated because it’s deprecated, and OpenSC has not yet provided fixes for OpenSC and the pam-pkcs11 library, so X41 has decided to release temporary bugfixes themselves.

Sesterhenn has presented his research at this year’s edition of DEF CON in Las Vegas.