vulnerability

Arch Linux: Denial of service (CVE-2019-19481)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
2	(AV:L/AC:L/Au:N/C:N/I:N/A:P)	Dec 1, 2019	Jul 11, 2025	Nov 27, 2025

Severity

CVSS

(AV:L/AC:L/Au:N/C:N/I:N/A:P)

Published

Dec 1, 2019

Added

Jul 11, 2025

Modified

Nov 27, 2025

Description

An issue was discovered in OpenSC before 0.20.0. libopensc/card-cac1.c mishandles buffer limits for CAC certificates, leading to an out-of-bounds read.

Solution

arch-linux-upgrade-latest

References

CVE-2019-19481
https://attackerkb.com/topics/CVE-2019-19481
URL-http://www.openwall.com/lists/oss-security/2019/12/29/1
URL-https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18618
URL-https://github.com/OpenSC/OpenSC/commit/b75c002cfb1fd61cd20ec938ff4937d7b1a94278
URL-https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NDSQLMZZYBHO5X3BK7D6E7E6NZIMZDI5/
URL-https://security.archlinux.org/ASA-202003-2
CWE-119

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today