PT-2018-12719 · Yubico+2 · Yubico-Piv+2

Eric Sesterhenn

Published

2018-08-15

Updated

2024-06-15

CVE-2018-14780

CVSS v3.1

4.6

Medium

Vector

AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Yubico-Piv version 1.5.0

Description An out-of-bounds read issue was discovered in the Yubico-Piv smartcard driver. The issue arises from a memmove() operation in the ykpiv fetch object() function, located in the lib/ykpiv.c file, where the length of data to be moved is retrieved from APDU data without being checked for potential out-of-bounds access. This could result in copying bytes behind the allocated data buffer into the buffer.

Recommendations For Yubico-Piv version 1.5.0, as a temporary workaround, consider restricting the use of the ykpiv fetch object() function until a patch is available. Additionally, ensure that all data lengths retrieved from APDU data are thoroughly validated to prevent out-of-bounds access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2018-14780

OPENSUSE-SU-2018_2623-1

OPENSUSE-SU-2019:1341-1

OPENSUSE-SU-2019_1341-1

OPENSUSE-SU-2024:11537-1

SUSE-SU-2019:1123-1

USN-4276-1

USN-4846-1

Affected Products

Suse

Ubuntu

Yubico-Piv

PT-2018-12719 · Yubico+2 · Yubico-Piv+2

CVE-2018-14780

Weakness Enumeration

Related Identifiers

Affected Products

References · 25