CVE-2016-10109 (retired)

Priority
Description
Use-after-free vulnerability in pcsc-lite before 1.8.20 allows a remote
attackers to cause denial of service (crash) via a command that uses
"cardsList" after the handle has been released through the
SCardReleaseContext function.
Assigned-to
mdeslaur
Package
Upstream:released (1.8.20-1)
Ubuntu 12.04 ESM (Precise Pangolin):released (1.7.4-2ubuntu2.1)
Ubuntu 16.04 LTS (Xenial Xerus):released (1.8.14-1ubuntu1.16.04.1)
Patches:
Upstream:https://anonscm.debian.org/cgit/pcsclite/PCSC.git/commit/?id=697fe05967af7ea215bcd5d5774be587780c9e22
Upstream:https://anonscm.debian.org/cgit/pcsclite/PCSC.git/commit/?id=3aaab9d998b5deb16a246cc7517e44144d281d3b
More Information

Updated: 2019-09-19 15:56:44 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)