An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-based buffer over-read has been discovered in the RPC protocol used by thep11-kit server/remote commands and the client library. When the remote entity supplies a byte array through a serialized PKCS#11 function call, the receiving entity may allow the reading of up to 4 bytes of memory past the heap allocation.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-12-16T13:32:57
Updated: 2024-08-04T16:48:01.647Z
Reserved: 2020-11-27T00:00:00
Link: CVE-2020-29362
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-12-16T14:15:12.777
Modified: 2021-01-11T16:50:31.103
Link: CVE-2020-29362
Redhat