CVE-2024-45615
LOWRedhat Enterprise Linux < 0.26.0 - Use of Uninitialized Resource
Title source: ruleDescription
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. The problem is missing initialization of variables expected to be initialized (as arguments to other functions, etc.).
Scores
CVSS v3
3.9
EPSS
0.0009
EPSS Percentile
25.5%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-457
CWE-908
Status
published
Products (4)
opensc_project/opensc
< 0.26.0
redhat/enterprise_linux
7.0
redhat/enterprise_linux
8.0
redhat/enterprise_linux
9.0
Published
Sep 03, 2024
Tracked Since
Feb 18, 2026