Stack-based buffer overflow in the ATRDecodeAtr function in the
Answer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite 1.5.3,
and possibly other 1.5.x and 1.6.x versions, allows physically proximate
attackers to cause a denial of service (crash) and possibly execute
arbitrary code via a smart card with an ATR message containing a long
attribute value.
More Information

Updated: 2019-03-19 11:56:07 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)