A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK.
The problem is missing initialization of variables expected to be initialized (as arguments to other functions, etc.).
Credits
Red Hat would like to thank Matteo Marini (Sapienza University of Rome) for reporting this issue.