=== Impact ===

SIGSEGV in libopensc.so during PKCS#11 module C_Initialize when sc_openssl3_init fails (e.g., FIPS provider unavailable). Applications like Chromium/QtWebEngine that load opensc-pkcs11.so via p11-kit crash during NSS module initialization on FIPS-enabled Ubuntu 24.04 systems.

The root cause is a missing NULL guard in sc_release_context(): it dereferences ctx->reader_driver before checking whether it is set. During error cleanup after an sc_openssl3_init failure, reader_driver is still zero-initialized (NULL) because the context has not been fully constructed yet.

=== Test Case ===

1. Install package: sudo apt install opensc opensc-pkcs11
2. Test before fix: On a FIPS-enabled system, load opensc-pkcs11.so via p11-kit (e.g., launch Chromium or run pkcs15-driver --list-reserved-entities). The application will crash with SIGSEGV in sc_release_context().
3. After applying the update: Same steps as above; the application should no longer crash during PKCS#11 module initialization.

=== Where Problems Could Occur ===

- Low risk: This is a defensive NULL check addition only, not a logic change. No existing code path that successfully constructs reader_driver will be affected.
- If ctx->reader_driver happens to legitimately be NULL (which should never occur on the success path), the finish callback would be skipped. However, the context would be freed immediately after anyway, so no meaningful cleanup is lost.
- The fix does not address the root trigger (FIPS provider loading failure in sc_openssl3_init); that is a separate issue handled elsewhere.

** Patch added: "bug_2147395_fix.debdiff"
   https://bugs.launchpad.net/ubuntu/+source/opensc/+bug/2147395/+attachment/5969623/+files/bug_2147395_fix.debdiff

** Summary changed:

- opensc-pkcs11 (0.25.0~rc1-1ubuntu0.2) SIGSEGV in sc_release_context during PKCS#11 C_Initialize via p11-kit/NSS (Ubuntu 24.04)
+ [SRU] opensc-pkcs11 (0.25.0~rc1-1ubuntu0.2) SIGSEGV in sc_release_context during PKCS#11 C_Initialize via p11-kit/NSS (Ubuntu 24.04)

** Tags added: noble sru

** Changed in: opensc (Ubuntu)
     Assignee: Roy J (amorris953) => (unassigned)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2147395

Title:
  [SRU] opensc-pkcs11 (0.25.0~rc1-1ubuntu0.2) SIGSEGV in sc_release_context during PKCS#11 C_Initialize via p11-kit/NSS (Ubuntu 24.04)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/opensc/+bug/2147395/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
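Added illustration (not part of the bug report, and not OpenSC's code): a small constructed C model of the failure mode the report describes, a context released on its own construction error path before the reader driver has been installed. The names struct ctx, reader_driver, finish, create_context and the two release variants are assumptions for this example; the real sc_context, sc_reader_driver and sc_release_context in OpenSC are different and larger. The unguarded release shows the bug class, the guarded release shows the defensive check, and create_context shows why the pointer is still NULL on the early-failure path.

```c
#include <stddef.h>
#include <stdlib.h>

struct ctx;

/* Constructed model of a reader driver with a finish (teardown) callback. */
struct reader_driver {
    int (*finish)(struct ctx *c);
};

/* Constructed model of a library context, zero-initialized by calloc()
 * so that reader_driver is NULL until construction installs it. */
struct ctx {
    int crypto_ready;                   /* set after the crypto init step succeeds */
    struct reader_driver *reader_driver; /* NULL until the reader layer is set up */
};

static int finish_calls = 0;  /* counts how often the driver's finish ran */

static int model_reader_finish(struct ctx *c)
{
    (void)c;
    finish_calls++;
    return 0;
}

static struct reader_driver model_driver = { model_reader_finish };

/* Buggy variant: dereferences reader_driver without checking it.
 * Calling this on a context whose construction aborted early is a NULL
 * dereference (SIGSEGV); it is kept here only to show the pattern and is
 * never called on such a context below. */
static int release_context_unguarded(struct ctx *c)
{
    if (c == NULL)
        return -1;
    c->reader_driver->finish(c);   /* crashes when reader_driver == NULL */
    free(c);
    return 0;
}

/* Fixed variant: skip the finish callback when no driver was ever installed.
 * Nothing is lost, because a context without a driver has nothing to finish. */
static int release_context_guarded(struct ctx *c)
{
    if (c == NULL)
        return -1;
    if (c->reader_driver != NULL && c->reader_driver->finish != NULL)
        c->reader_driver->finish(c);
    free(c);
    return 0;
}

/* Construction in two steps: crypto init first, reader driver second.
 * crypto_init_ok simulates the outcome of the crypto provider setup. When it
 * fails, the error path releases a context that has no reader_driver yet. */
static int create_context(int crypto_init_ok, struct ctx **out)
{
    struct ctx *c = calloc(1, sizeof *c);
    if (c == NULL)
        return -1;
    if (!crypto_init_ok) {
        release_context_guarded(c);  /* reader_driver is still NULL here */
        *out = NULL;
        return -2;
    }
    c->crypto_ready = 1;
    c->reader_driver = &model_driver;
    *out = c;
    return 0;
}

/* Early-failure path: returns -2 and confirms finish did not run. */
int demo_failed_init(void)
{
    struct ctx *c = NULL;
    int before = finish_calls;
    int rc = create_context(0, &c);
    return (rc == -2 && c == NULL && finish_calls == before) ? -2 : 1;
}

/* Success path: returns how many times finish ran during release (1). */
int demo_success(void)
{
    struct ctx *c = NULL;
    int before = finish_calls;
    if (create_context(1, &c) != 0 || c == NULL)
        return -1;
    release_context_guarded(c);
    return finish_calls - before;
}

int main(void)
{
    struct ctx *c = NULL;
    if (create_context(1, &c) == 0)
        release_context_unguarded(c);  /* safe only because the driver is set */
    return (demo_failed_init() == -2 && demo_success() == 1) ? 0 : 1;
}
```

The guarded release is the shape of the fix the report describes; the unguarded one only survives in this example because main() never hands it a half-built context.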
