CVE-2018-14779 -- yubico-piv-toolID: oval:org.secpod.oval:def:2000404 | Date: (C)2019-04-21 (M)2023-10-15 |
Class: VULNERABILITY | Family: unix |
A buffer overflow issue was discovered in the Yubico-Piv 1.5.0 smartcard driver. The file lib/ykpiv.c contains the following code in the function `ykpiv_transfer_data`: {% highlight c %} if { fprintf; } if { memcpy; out_data += recv_len - 2; *out_len += recv_len - 2; } {% endhighlight %} -- it is clearly checked whether the buffer is big enough to hold the data copied using `memcpy`, but no error handling happens to avoid the `memcpy` in such cases. This code path can be triggered with malicious data coming from a smartcard.