RHEL-149712

mlock()/munlock() functions assume page-aligned allocation


    • Bug
    • Resolution: Unresolved
    • rhel-9.7
    • opensc
    • Low
    • rhel-security-crypto-clubs

      When using its mlock() and munlock() functions, opensc makes the assumption that the memory block allocated is page-aligned. If used with blocks that were not allocated with glibc's allocation functions, then the opensc functions may leave some memory locked, leading to issues when applications access the locked memory.

      The biggest applications that run into this issue are Chromium-derived browsers, which use their own allocation functions that don't guarantee that the blocks are aligned to pages. This causes Chromium to crash after using smartcard-based credentials to log into a website, for instance.

      This issue was identified in this upstream issue: https://github.com/OpenSC/OpenSC/issues/3267

      This comment describes the issue: https://github.com/OpenSC/OpenSC/issues/3267#issuecomment-2528615997

      And these upstream MRs were called out as potential fixes:
      https://github.com/OpenSC/OpenSC/pull/3282
      https://github.com/OpenSC/OpenSC/pull/3281

      These patches were included in OpenSC 0.26.1, which ships with RHEL 10, but opensc in earlier versions of RHEL does not include this patch; the ask here is to backport these patches to the earlier versions.

              jjelen@redhat.com Jakub Jelen
              rhn-support-amike Andrew Mike
              Georgios Stavros Pantelakis
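An added example (not OpenSC's code and not taken from the upstream PRs) of why the alignment assumption in this report matters: the kernel applies mlock()/munlock() to every page that overlaps the given range, so a small unaligned buffer also pins bytes owned by other allocations, while a page-aligned, whole-page allocation does not. The helper names `pages_touched`, `collateral_bytes`, `secure_alloc` and `secure_free` are hypothetical.

```c
#include <stdint.h>
#include <stdlib.h>
#include <sys/mman.h>
#include <unistd.h>

/* Pages pinned by mlock(addr, len): the kernel rounds addr down and
 * addr+len up to page boundaries. */
static size_t pages_touched(uintptr_t addr, size_t len, size_t page)
{
    uintptr_t first = addr & ~(uintptr_t)(page - 1);
    uintptr_t end = (addr + len + page - 1) & ~(uintptr_t)(page - 1);
    return (size_t)(end - first) / page;
}

/* Bytes inside those pages that belong to other allocations. */
static size_t collateral_bytes(uintptr_t addr, size_t len, size_t page)
{
    return pages_touched(addr, len, page) * page - len;
}

/* Hypothetical helper: page-aligned, whole-page allocation, so locking
 * and unlocking never reaches into a neighbour's memory. */
static void *secure_alloc(size_t len, size_t *span_out)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    size_t span = (len + page - 1) & ~(page - 1);
    void *p = NULL;

    if (len == 0 || span < len || posix_memalign(&p, page, span) != 0)
        return NULL;
    (void)mlock(p, span); /* best effort: can fail under RLIMIT_MEMLOCK */
    *span_out = span;
    return p;
}

/* Hypothetical helper: wipe, unlock exactly what was locked, then free. */
static void secure_free(void *p, size_t span)
{
    volatile unsigned char *b = p;

    if (p == NULL)
        return;
    for (size_t i = 0; i < span; i++)
        b[i] = 0;
    (void)munlock(p, span);
    free(p);
}
```

With 4 KiB pages, a 32-byte buffer at the constructed address 0x1ff0 straddles two pages, so locking it pins 8160 bytes that belong to other allocations.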